In a new twist that shocked observers, the Department of Veterans Affairs (VA) announced that personal information on about 2.2 million active-duty military personnel was part of the massive May 3 theft of data on 26.5 million veterans, the Associated Press reports on Military.com.After announcing that up to 50,000 Navy and National Guard personnel were affected, VA Secretary Jim Nicholson said the larger numbers were discovered after the VA and Pentagon more closely examined their electronic files, according to the AP.The VA realized it had records for active-duty personnel because they are eligible for some benefits from the organization, such as educational assistance and a home loan program, the AP reports.The theft, which wasn’t made public until almost three weeks after it occurred, was initially believed to include data on 26.5 million veterans who had been discharged since 1975, along with some of their spouses. The data, contained on a laptop computer and external disk drive, was stolen from a VA staffer’s home in suburban Maryland. The names, birth dates and Social Security numbers of about 80 percent of all active-duty troops—about 1.1 million—are now believed to be included in the stolen data, the AP reports, in addition to information on 645,000 members of the Reserves and 430,000 members of the National Guard.The latest revelation outraged veterans advocates. “This confirms the VFW’s worst fear from day one—that the loss of data encompasses every single person who did wear the uniform and does wear the uniform today,” Joe Davis, spokesman for Veterans of Foreign Wars, told the AP.A class-action lawsuit filed by a collection of veterans groups demands that the VA disclose which personnel are affected by the theft and seeks $1,000 in damages for each person, up to $26.5 billion in total.In response, the VA told the AP it is consulting credit-monitoring services to determine how the affected veterans can be helped, the AP reports.Maryland authorities are also offering a $50,000 reward for information leading to the return of the stolen equipment, the AP reports. Anyone who bought a used Hewlett-Packard laptop model zv5360us or HP external hard drive after May 3 is being asked to call Montgomery County Crime Solvers at 1-866-411-TIPS (8477).Follow this ongoing story on our Data Theft at the VA page.Keep checking in at our Security Feed page, or subscribe via RSS, for updated news coverage. — Compiled by Dave Gradijan Related content feature The CSO guide to top security conferences Tracking postponements, cancellations, and conferences gone virtual — CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you. By CSO Staff Dec 01, 2023 6 mins Technology Industry Technology Industry Technology Industry news Conti-linked ransomware takes in $107 million in ransoms: Report A ransomware campaign linked to the ostensibly defunct Conti malware group has targeted mostly US businesses, in a costly series of attacks. By Jon Gold Nov 30, 2023 4 mins Ransomware news Okta confirms recent hack affected all customers within the affected system Contrary to its earlier analysis, Okta has confirmed that all of its customer support system users are affected by the recent security incident. By Shweta Sharma Nov 30, 2023 3 mins Data Breach news Top cybersecurity product news of the week New product and service announcements from Wiz, Palo Alto Networks, Sophos, SecureAuth, Kasada, Lacework, Cycode, and more. By CSO staff Nov 30, 2023 17 mins Generative AI Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe