• Skip to main content
  • Skip to header right navigation
  • Skip to site footer
Restore Privacy

Restore Privacy

Resources to stay safe and secure online

  • News
  • Tools
    • Secure Browser
    • VPN
    • Ad Blocker
    • Secure Email
    • Private Search Engine
    • Data Removal
      • Incogni Review
    • Password Manager
    • Secure Messaging App
    • Tor
    • Identity Theft Protection
    • Unblock Websites
    • Privacy Tools
  • Email
    • Secure Email
    • ProtonMail Review
    • Tutanota Review
    • Mailfence Review
    • Mailbox.org Review
    • Hushmail Review
    • Posteo Review
    • Fastmail Review
    • Runbox Review
    • CTemplar Review
    • Temporary Disposable Email
    • Encrypted Email
    • Alternatives to Gmail
  • VPN
    • What is VPN
    • VPN Reviews
      • NordVPN Review
      • Surfshark VPN Review
      • VyprVPN Review
      • Perfect Privacy Review
      • ExpressVPN Review
      • CyberGhost Review
      • AVG VPN Review
      • IPVanish Review
      • Hotspot Shield VPN Review
      • ProtonVPN Review
      • Atlas VPN Review
      • Private Internet Access Review
      • Avast VPN Review
      • TorGuard Review
      • PrivadoVPN Review
    • VPN Comparison
      • NordVPN vs ExpressVPN
      • NordVPN vs PIA
      • IPVanish vs ExpressVPN
      • CyberGhost vs NordVPN
      • Surfshark vs NordVPN
      • IPVanish vs NordVPN
      • ExpressVPN vs PIA
      • VyprVPN vs NordVPN
      • CyberGhost vs ExpressVPN
      • NordVPN vs HideMyAss
      • ExpressVPN vs ProtonVPN
      • Atlas VPN vs NordVPN
      • ExpressVPN vs Surfshark
      • NordVPN vs Proton VPN
      • Surfshark vs CyberGhost
      • Surfshark vs IPVanish
    • Best VPNs
      • Best VPN for Torrenting
      • Best VPN for Netflix
      • Best Free VPN
      • VPN for Firestick TV
      • Best VPN for Android
      • Best VPN for Gaming
      • Best VPN for PC
      • Best VPN for Disney Plus
      • Best VPN for Hulu
      • Best VPN for Mac
      • Best VPN for Streaming
      • Best VPN for Windows
      • Best VPN for iPhone
    • VPN Coupons
      • ExpressVPN Coupon
      • NordVPN Coupon
      • Cyber Monday VPN Deals
      • NordVPN Cyber Monday
      • Surfshark VPN Cyber Monday
      • ExpressVPN Cyber Monday
    • VPN Guides
      • Free Trial VPN
      • Cheap VPNs
      • Static IP VPN
      • VPN Ad Blocking
      • No Logs VPN
      • Best VPN Chrome
      • Best VPN Reddit
      • Split Tunneling VPN
      • VPN for Binance
      • WireGuard VPN
      • VPN for Amazon Prime
      • VPN for Linux
      • VPN for iPad
      • VPN for Firefox
      • VPN for BBC iPlayer
    • By Country
      • Best VPN Canada
      • Best VPN USA
      • Best VPN UK
      • Best VPN Australia
      • VPN for Russia
    • VPN Router
  • Password
    • Best Password Managers
    • Comparisons
      • NordPass vs 1Password
      • 1Password vs LastPass
      • NordPass vs LastPass
      • RoboForm vs NordPass
      • 1Password vs Bitwarden
      • Dashlane vs NordPass
      • 1Password vs Dashlane
      • NordPass vs Bitwarden
    • KeePass Review
    • NordPass Review
    • 1Password Review
    • Dashlane Review
    • RoboForm Review
    • LastPass Review
    • Bitwarden Review
    • Strong Password
  • Storage
    • Best Cloud Storage
    • pCloud Review
    • Nextcloud Review
    • IDrive Review
    • SpiderOak Review
    • Sync.com Review
    • MEGA Cloud Review
    • NordLocker Review
    • Tresorit Review
    • Google Drive Alternatives
  • Messenger
    • Secure Messaging Apps
    • Signal Review
    • Telegram Review
    • Wire Review
    • Threema Review
    • Session Review
  • Info
    • Mission
    • Press
    • Contact
  • News
  • Tools
    • Secure Browser
    • VPN
    • Ad Blocker
    • Secure Email
    • Private Search Engine
    • Data Removal
      • Incogni Review
    • Password Manager
    • Secure Messaging App
    • Tor
    • Identity Theft Protection
    • Unblock Websites
    • Privacy Tools
  • Email
    • Secure Email
    • ProtonMail Review
    • Tutanota Review
    • Mailfence Review
    • Mailbox.org Review
    • Hushmail Review
    • Posteo Review
    • Fastmail Review
    • Runbox Review
    • CTemplar Review
    • Temporary Disposable Email
    • Encrypted Email
    • Alternatives to Gmail
  • VPN
    • What is VPN
    • VPN Reviews
      • NordVPN Review
      • Surfshark VPN Review
      • VyprVPN Review
      • Perfect Privacy Review
      • ExpressVPN Review
      • CyberGhost Review
      • AVG VPN Review
      • IPVanish Review
      • Hotspot Shield VPN Review
      • ProtonVPN Review
      • Atlas VPN Review
      • Private Internet Access Review
      • Avast VPN Review
      • TorGuard Review
      • PrivadoVPN Review
    • VPN Comparison
      • NordVPN vs ExpressVPN
      • NordVPN vs PIA
      • IPVanish vs ExpressVPN
      • CyberGhost vs NordVPN
      • Surfshark vs NordVPN
      • IPVanish vs NordVPN
      • ExpressVPN vs PIA
      • VyprVPN vs NordVPN
      • CyberGhost vs ExpressVPN
      • NordVPN vs HideMyAss
      • ExpressVPN vs ProtonVPN
      • Atlas VPN vs NordVPN
      • ExpressVPN vs Surfshark
      • NordVPN vs Proton VPN
      • Surfshark vs CyberGhost
      • Surfshark vs IPVanish
    • Best VPNs
      • Best VPN for Torrenting
      • Best VPN for Netflix
      • Best Free VPN
      • VPN for Firestick TV
      • Best VPN for Android
      • Best VPN for Gaming
      • Best VPN for PC
      • Best VPN for Disney Plus
      • Best VPN for Hulu
      • Best VPN for Mac
      • Best VPN for Streaming
      • Best VPN for Windows
      • Best VPN for iPhone
    • VPN Coupons
      • ExpressVPN Coupon
      • NordVPN Coupon
      • Cyber Monday VPN Deals
      • NordVPN Cyber Monday
      • Surfshark VPN Cyber Monday
      • ExpressVPN Cyber Monday
    • VPN Guides
      • Free Trial VPN
      • Cheap VPNs
      • Static IP VPN
      • VPN Ad Blocking
      • No Logs VPN
      • Best VPN Chrome
      • Best VPN Reddit
      • Split Tunneling VPN
      • VPN for Binance
      • WireGuard VPN
      • VPN for Amazon Prime
      • VPN for Linux
      • VPN for iPad
      • VPN for Firefox
      • VPN for BBC iPlayer
    • By Country
      • Best VPN Canada
      • Best VPN USA
      • Best VPN UK
      • Best VPN Australia
      • VPN for Russia
    • VPN Router
  • Password
    • Best Password Managers
    • Comparisons
      • NordPass vs 1Password
      • 1Password vs LastPass
      • NordPass vs LastPass
      • RoboForm vs NordPass
      • 1Password vs Bitwarden
      • Dashlane vs NordPass
      • 1Password vs Dashlane
      • NordPass vs Bitwarden
    • KeePass Review
    • NordPass Review
    • 1Password Review
    • Dashlane Review
    • RoboForm Review
    • LastPass Review
    • Bitwarden Review
    • Strong Password
  • Storage
    • Best Cloud Storage
    • pCloud Review
    • Nextcloud Review
    • IDrive Review
    • SpiderOak Review
    • Sync.com Review
    • MEGA Cloud Review
    • NordLocker Review
    • Tresorit Review
    • Google Drive Alternatives
  • Messenger
    • Secure Messaging Apps
    • Signal Review
    • Telegram Review
    • Wire Review
    • Threema Review
    • Session Review
  • Info
    • Mission
    • Press
    • Contact

Florida Department of Veterans Affairs Data Leaked on Dark Web

June 6, 2022 By Sven Taylor — 5 Comments
Florida Department of Veterans Affairs Data leak

A few weeks ago we first reported on the Quantum ransomware gang claiming the Florida Department of Veterans Affairs as a victim. A spokesperson for the FDVA claimed the ransomware group was “unsuccessful” in attempts to install ransomware on FDVA servers. Quantum responded by releasing a sample of FDVA data on the Dark web. We analyzed the data (redacted below) and obtained exclusive commentary on the situation.

On May 27, 2022, the Quantum ransomware group claimed the Florida Department of Veterans Affairs (FDVA) as its latest victim. That same day, we published an article explaining the background of Quantum, its past victims, and the potential implications of an FDVA data breach.

Since the announcement was first published on Quantum’s Dark web blog site, the group has claimed to have a massive 1.1 TB of FDVA data. This data allegedly includes:

All possible data: veterans data, employees data, financial data, HR data, contracts with suppliers, tax and ssn [social security numbers] data and so on

– Quantum ransomware group

Here is Quantum’s post claiming the FDVA data breach:

FDVA Data Breach
Quantum’s blog announcement on the FDVA.
Source: RestorePrivacy.com

Following our story on the topic, a USA Today reporter contacted the FDVA for comment.

The FDVA spokesperson told the reporter that Quantum was “unsuccessful” in its attempt to install ransomware.

“An attempt was made last week to install ransomware in several files on servers belonging to our agency. The attempt was unsuccessful and there are no infected files following the attempt. We continue to monitor.” – @FLVetsAffairs SPOX https://t.co/uGEujSnXO4

— Jason Delgado (@byJasonDelgado) May 27, 2022

The FDVA’s wording here is interesting. Note that the FDVA spokesperson does not explicitly deny that Quantum gained access to FDVA servers.

Quantum responds by releasing FDVA data sample

Just a few days later, we observed that Quantum had updated its Dark web blog post to include a sample of FDVA data for anyone to download and view.

The sample size is about 47 MB, making it less than .005% of the total (claimed) data exfiltrated from FDVA servers.

Florida Department of Veterans Affairs breach
Quantum has responded by publishing a sample of FDVA data for anyone to download and view.
Source: RestorePrivacy.com

As noted in the original article on the situation, I have no reason to doubt Quantum’s claims based on the group’s past exploits and track record. The publishing of this data further bolsters the group’s claims and raises questions about the FDVA response.

We analyzed the data sample published by Quantum and found it to contain lots of sensitive data from FDVA employees, veterans, and job applicants. Here is an overview of the information contained in the FDVA data sample analyzed by RestorePrivacy:

  • Employee names (first, last, and middle), social security numbers, employment records, and contact information
  • Internal revenue and financial data
  • Employee litigation and court documents
  • Employee fraud investigations
  • Budget and procurement documents
  • FDVA staff who have tested positive for COVID
  • Employee evaluations
  • Employee physical addresses, phone numbers, email addresses, employment history
  • People who have previously applied to work at the FDVA: physical addresses, phone numbers, email addresses, employment history

FDVA employee names, social security numbers, and employment data

One document we analyzed was a spreadsheet from a “Payroll” sub-folder. This spreadsheet included FDVA employee names, social security numbers, position titles, and employment information. Here is a redacted sample of the first ten lines.

FDVA data breach sample employee records
FDVA employee names, social security numbers, and employment data have now been leaked by Quantum.
Source: RestorePrivacy.com

Aside from the spreadsheet sample above, there were other payment documents leaked that included FDVA employee names, social security numbers, and salary data.

Based on public records searches, all of the names and data appear to be authentic and match up with FDVA employees.

Military veteran records and job applications

The HR sub-folder also included a sample of data from people who have applied to work at the FDVA. These records included names, phone numbers, email addresses, and private military records, including DD-214 forms. The DD-214 includes the veteran’s name, date of birth, social security number, and military service data.

DD214 FDVA data sample
A veteran’s DD-214 form that was leaked by Quantum in the data sample.
Source: RestorePrivacy.com

The data sample also included past FDVA job applications, which contained first and last name, email, phone, physical address, and career experience.

Job applications FDVA
Source: RestorePrivacy.com

There are many other documents from Quantum’s data sample. And as noted above, this release is only a tiny sample of the total 1.1 TB of FDVA data that Quantum claims to have exfiltrated from FDVA servers.

Quantum plans to sell or release all FDVA data

In researching this situation, we reached out to both the FDVA and Quantum to provide more information. The FDVA’s response to our request concluded with, “We can’t confirm or deny” the cyberattack. This was posted in our original story here.

Quantum also provided RestorePrivacy with a comment on the situation.

We’ve tried to contact with the FDVA officials regarding the leak, however they have always ignored us.

FDVA is a profit organization with high revenues, we’re also not a charity organization. We could come to the agreement, but in the end the data will be sold on the black market or fully published.

And believe me, this is not the largest organization on the list, majority of our targets do pay us, so they never get to the blog.

You can see that the group claims to have not reached an agreement with the FDVA and plans to release all of the FDVA data “on the black market or fully published.”

A full release of all FDVA data on the group’s Dark web blog site would not be out of the ordinary. Other past victims have suffered the same fate after failing to reach an agreement with Quantum.

Consequences of an FDVA data breach

If the group’s claims prove to be legitimate, and the data is leaked, it could expose thousands of veterans, FDVA employees, and associated personnel to serious risk and fraud. Private data is a valuable tool for targeting individuals with:

  • Identity theft and fraud – When criminals use personal data to impersonate individuals and carry out fraud and various types of attacks.
  • Phishing attacks
  • Social engineering attacks
  • Hacked accounts
  • Financial fraud

For cybercriminals, data is gold. This is especially true if the data includes social security numbers, which enable more attack vectors and financial fraud.

One trend we are seeing is for cybercriminals to create detailed profiles of their victims. This in turn opens up a variety of opportunities for fraud and criminal activities. The data included in these profiles can come from data breaches, other black market vendors, or publicly-available sources such as social media sites like LinkedIn or people search websites.

The more data that is available, the higher the risk of attack and fraudulent activity. Consequently, we have seen cases of class action lawsuits against organizations that have failed to secure data from cyberattacks, such as with Equifax a few years ago.

Related Reading on RestorePrivacy:

How to Access the Dark Web Safely

About Sven Taylor

Sven Taylor is the lead editor and founder of Restore Privacy, a digital privacy advocacy group. With a passion for digital privacy and accessible information, he created RestorePrivacy to provide you with honest, useful, and up-to-date information about online privacy, security, and related topics.

Reader Interactions

Comments

  1. D Knoop

    August 13, 2022

    Any updates from FDVA on this breech which they are denying?

    Reply
  2. Chris

    June 9, 2022

    https://www.bleepingcomputer.com/news/legal/surfshark-expressvpn-pull-out-of-india-over-data-retention-laws/

    Reply
  3. Chris

    June 7, 2022

    Vets deserve better than this. Come on VA, get your act together.

    Reply
  4. Rob

    June 7, 2022

    I think there should be some new way of our identity presence developed so that cyberattacks won’t harm our privacy, because they are becoming a real nightmare, can ruin people’s lives, and are relatively too easy way to earn huge money that next serves maintaining this activity, and hard to fight with.

    Reply
  5. Observer

    June 6, 2022

    This is clearly a lose-lose situation. Both options are bad.
    Either the criminal hackers get a big payout to further fund their nefarious activities, or veterans and FDVA employees have all of their data released thereby exposing them to fraud and identity theft.
    Both options suck.

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Sidebar

Digital Privacy Essentials:
Secure Browsers
Private Search Engines
Secure Email
Best Password Managers
Secure Messaging Services
Best Ad Blockers
Best VPN Services
Secure Cloud Storage

Privacy & Security Guides:
Privacy Tools
Alternatives to Google Products
Firefox Privacy Modifications
Five Eyes, 9 Eyes, 14 Eyes Spying
Browser Fingerprinting
Is Tor Safe?
Alternatives to Gmail
VPN vs Tor
Alternatives to WhatsApp
Is Your Antivirus Spying on You?
Controlling Communication Channels is Crucial for Privacy
Anonymity Networks: VPNs, Tor, and I2P
How to Really Be Anonymous Online
Private and Anonymous Payments

Secure Email Reviews:
ProtonMail Review
Tutanota Review
Mailfence Review
Mailbox.org Review
Hushmail Review
Posteo Review
Fastmail Review
Runbox Review
CTemplar Review
Temporary Email Services
Encrypted Email

Password Manager Reviews:
Bitwarden Review
LastPass Review
KeePass Review
NordPass Review
Dashlane Review
1Password Review
Best Password Managers

Secure Messaging App Reviews:
Wire Review
Signal Review
Threema Review
Telegram Review
Session Review
Wickr Review

Secure Cloud Storage Reviews
Tresorit Review
MEGA Cloud Review
Sync.com Review
Nextcloud Review
IDrive Review
pCloud Review
SpiderOak Review
NordLocker Review

How To Guides
How to Encrypt Files on Windows
How to Encrypt Email
How to Configure Windows 10 for Privacy
How to use Two-Factor Authentication (2FA)
How to Secure Your Android Device for Privacy
How to Secure Your Home Network
How to Protect Yourself Against Identity Theft
How to Unblock Websites
How to Fix WebRTC Leaks
How to Test Your VPN
How to Hide Your IP Address
How to Create Strong Passwords
How to Really Be Anonymous Online

About RestorePrivacy

Contact

Restore Privacy Checklist

  1. Secure browser: Modified Firefox or Brave
  2. VPN: NordVPN (68% Off Coupon) or Surfshark
  3. Ad blocker: uBlock Origin or AdGuard
  4. Secure email: Mailfence or Tutanota
  5. Secure Messenger: Signal or Threema
  6. Private search engine: MetaGer or Brave
  7. Password manager: NordPass or Bitwarden

About

Restore Privacy is a digital privacy advocacy group committed to helping people stay safe and secure online. You can support this project through donations, purchasing items through our links (we may earn a commission at no extra cost to you), and sharing this information with others. See our mission here.

We’re available for Press and media inquiries here.

Restore Privacy is also on Twitter

COPYRIGHT © 2023 RESTORE PRIVACY, LLC · PRIVACY POLICY · TERMS OF USE · CONTACT · SITEMAP