Cyber Incident Victim: Veterans of Foreign Wars

On March 4, 2014, the Veterans of Foreign Wars of the United States (VFW) discovered unauthorized access to one of its web servers containing the personal information of approximately 55,000 members. An attacker deployed a remote access trojan and malicious code to infiltrate the system, compromising names, addresses, and Social Security numbers. Forensic analysis indicated the intrusion originated from China, with evidence suggesting the attacker sought military intelligence—specifically targeting data related to military plans and contracts—rather than pursuing identity theft objectives. The breach exposed sensitive data stored on the compromised server, though the exact duration of unauthorized access prior to detection was not disclosed in public notifications. VFW leadership confirmed the server breach constituted a deliberate cyber intrusion aimed at extracting strategic defense-related information.

The VFW responded by immediately removing the malicious code from affected systems and severing the attacker’s access pathways. The organization engaged a specialized investigative team to conduct forensic analysis and assess the full scope of the incident. Federal law enforcement agencies were notified to support the investigation into the foreign-linked cyber intrusion. Impacted members received formal breach notifications detailing the compromised data types, and all affected individuals were offered one year of complimentary identity theft protection services. Quartermaster General Robert Greene issued a public apology, stating, “We regret this attack occurred and any inconvenience or problems it may cause you.” The VFW’s breach disclosure, filed with the California Attorney General’s office on April 4, 2014, confirmed completion of containment measures and ongoing coordination with authorities to address the espionage-motivated attack.