Eric Chabrow writes Oversight and Investigations Subcommittee Chairman Rep. Michael Coffman (R-Colo.) said during a Tuesday hearing the hackers encrypted the outgoing data and the VA was not sure what they took.
Coffman identified China and Russia as among the eight alleged nations that carried out the repeated and possibly still ongoing attacks, according to the report.
Jerry Davis, former VA chief information officer, told the panel VA databases are vunlerable due to weak encryptions of records and common exploitable vulnerabilities of web applications.
Michael Bowman, director of information technology and security audit at the VA inspector general office, said the attacks might have targeted the agency’s network domain controller, Chabrow reports.