PRESS RELEASE: Veterans Health Administration Notification of Compromised Veteran Information - Montana VA Health Care System
Attention A T users. To access the menus on this page please perform the following steps. 1. Please switch auto forms mode to off. 2. Hit enter to expand a main menu option (Health, Benefits, etc). 3. To enter and activate the submenu links, hit the down arrow. You will now be able to tab or arrow up or down through the submenu options to access/activate the submenu links.

Montana VA Health Care System

Veterans Crisis Line Badge
My HealtheVet badge
EBenefits Badge

PRESS RELEASE: Veterans Health Administration Notification of Compromised Veteran Information


July 23, 2020


Veterans Health Administration Notification of Compromised Veteran Personal Information


WASHINGTON The U.S. Department of Veterans Affairs (VA) Veterans Health Administration (VHA) announced today actions taken to protect Veterans’ personal information following a recent privacy breach. 

VHA was notified June 4, by former contractor Benefits Recovery Specialists, Inc., (BRSI) of a data incident involving VHA files from the Montana VA Health Care System (MTVAHCS).

BRSI discovered malware or malicious software, April 30, impacting certain BRSI company systems and subsequently notified federal law enforcement. Moreover, BRSI hired cybersecurity specialists and immediately began an internal investigation taking the affected systems offline to remove the malware and ensure the security of its information systems. A forensic investigation concluded on or about May 29, an unauthorized actor deployed Maze ransomware within BRSI’s systems.

Additionally, VHA files containing personal information provided to BRSI as part of prior VA contracts may have been among those accessed and/or acquired between April 20-30 by this unauthorized actor. BRSI performed a comprehensive review of VHA files in its possession and determined the exact personal information impacted by this event to be full name, social security number and facility. To date, there is no indication any information accessed or taken by the unauthorized actor has been misused. 

MTVAHCS is sending out letters to the 1,501 affected Veterans, whose information was involved in the ransomware attack of the potential risk to their personal information. MTVAHCS will offer a free annual credit report and free credit monitoring to these impacted Veterans. The letters will also include information on how impacted Veterans can place a fraud alert on their credit report, which adds another security level to require identify verification before a new account can be established.

Montana Veterans, who receive a notice that they have been affected by this data breach, should follow the instructions outlined in the letter. For questions please contact MTVAHCS at 1-877-468-8387 select Option 2 and Option 2 again. For more information, please reference these BRSI Data Breach FAQs.  

Honoring and serving America’s Veterans is the utmost priority of the VA. The VA apologizes for any inconvenience or concern this BRSI data breach may cause for Montana Veterans.