Thank you for signing!
Veterans Gave the Government Their Most Sensitive Data — Tell the VA to Secure It
Final signature count: 25
25 signatures toward our 30,000 goal
Sponsor: The Veterans Site
Veterans had no choice but to hand over their most sensitive data. The VA has a choice about protecting it.
Medical histories. Mental health records. Disability ratings. Benefits data. The men and women who served this country handed all of it over — because they had to, and because they trusted it would be protected. That trust is failing them.
Two Breaches. Tens of Thousands of Victims.
In late 2025, a cyberattack on a CPAP medical supplier exposed the personal data of roughly 90,000 people.4 A significant portion were active-duty service members and veterans — hardly a surprise, given how common sleep apnea is among military personnel. Names, home addresses, and medical details were all compromised.1 The kind of information that makes identity theft not just possible, but easy.
Then came 2026. A cyberattack on a TRICARE-affiliated contractor put the data of nearly 12,000 military health care beneficiaries at risk.3 Department of Defense Benefits Numbers were exposed. So were Social Security numbers — which, in the wrong hands, open the door to fraudulent credit accounts, tax fraud, and financial crimes that can take years to untangle.2
Veterans Are Not Incidental Targets
These breaches are not random. Veterans' records carry a combination of government identifiers, detailed medical histories, and benefits information that makes them high-value targets for bad actors. The damage from a breach goes beyond the digital. Veterans already navigate one of the most complex bureaucratic systems in the country to access the care they earned. A data breach can derail active claims, drain financial accounts, and force people into months or years of damage control — for something that was never their fault.
The Fixes Exist. They Just Haven't Been Made.
Cybersecurity watchdogs have identified specific vulnerabilities in the systems the Department of Veterans Affairs uses to store veterans' medical records and complaint data. Recommendations to address those vulnerabilities exist. The problem is that full implementation has lagged — leaving known gaps open while real breaches continue to happen to real people.
Every unimplemented recommendation is a door left unlocked. Every delay is a choice, even when it doesn't feel like one.
The Secretary of Veterans Affairs Can Act Now
The authority to close these gaps sits with the Secretary of Veterans Affairs. The recommendations are already on the table. What's needed is a commitment to act on them — fully, and without further delay. Veterans answered when their country called. The government's obligation in return is straightforward: protect what they were asked to hand over.
The breaches described here are not warnings about what might happen. They have already happened, to tens of thousands of veterans and military families. More will follow if the known vulnerabilities in VA systems go unaddressed.
Sign the petition now to tell the Secretary of Veterans Affairs to fully implement the outstanding cybersecurity recommendations protecting veterans' medical records and personal information. These heroes kept their end of the bargain. It's time for the VA to keep its.
The Petition
Recent Signatures
- Lisa Perkins
- Barbara Tait
- Jeanette Larson
- Cristy Murray
- Lorrie Ingold
- denise hayes
- Andreas GERJETS
- Astrid Gerjets
- Astrid Gerjets
- Lynn M. Larsen
- Anonymous
- Marleen Paulus
- Sabrina Degasperi
- Sandy Collins
- Tolga Süslü
- Robin Peters
- Katharine Carroll
- Debra Rogers
- Lisa Mazzola
- June Krell
- Anonymous
- Donna Calver
- Linda Pawloski
- Laura Webb
- Doolittle Doolittle
