In a new twist that shocked observers, the Department of Veterans Affairs (VA) announced that personal information on about 2.2 million active-duty military personnel was part of the massive May 3 theft of data on 26.5 million veterans, the Associated Press reports on Military.com.After announcing that up to 50,000 Navy and National Guard personnel were affected, VA Secretary Jim Nicholson said the larger numbers were discovered after the VA and Pentagon more closely examined their electronic files, according to the AP.The VA realized it had records for active-duty personnel because they are eligible for some benefits from the organization, such as educational assistance and a home loan program, the AP reports.The theft, which wasn’t made public until almost three weeks after it occurred, was initially believed to include data on 26.5 million veterans who had been discharged since 1975, along with some of their spouses. The data, contained on a laptop computer and external disk drive, was stolen from a VA staffer’s home in suburban Maryland. The names, birth dates and Social Security numbers of about 80 percent of all active-duty troops—about 1.1 million—are now believed to be included in the stolen data, the AP reports, in addition to information on 645,000 members of the Reserves and 430,000 members of the National Guard.The latest revelation outraged veterans advocates. “This confirms the VFW’s worst fear from day one—that the loss of data encompasses every single person who did wear the uniform and does wear the uniform today,” Joe Davis, spokesman for Veterans of Foreign Wars, told the AP.A class-action lawsuit filed by a collection of veterans groups demands that the VA disclose which personnel are affected by the theft and seeks $1,000 in damages for each person, up to $26.5 billion in total.In response, the VA told the AP it is consulting credit-monitoring services to determine how the affected veterans can be helped, the AP reports.Maryland authorities are also offering a $50,000 reward for information leading to the return of the stolen equipment, the AP reports. Anyone who bought a used Hewlett-Packard laptop model zv5360us or HP external hard drive after May 3 is being asked to call Montgomery County Crime Solvers at 1-866-411-TIPS (8477).Follow this ongoing story on our Data Theft at the VA page.Keep checking in at our Security Feed page, or subscribe via RSS, for updated news coverage. — Compiled by Dave Gradijan Related content news Google Chrome zero-day jumps onto CISA's known vulnerability list A serious security flaw in Google Chrome, which was discovered under active exploitation in the wild, is a new addition to the Cybersecurity and Infrastructure Agency’s Known Exploited vulnerabilities catalog. By Jon Gold Oct 03, 2023 3 mins Zero-day vulnerability Vulnerabilities Security brandpost The advantages and risks of large language models in the cloud Understanding the pros and cons of LLMs in the cloud is a step closer to optimized efficiency—but be mindful of security concerns along the way. By Daniel Prizmant, Senior Principal Researcher at Palo Alto Networks Oct 03, 2023 5 mins Cloud Security news Arm patches bugs in Mali GPUs that affect Android phones and Chromebooks The vulnerability with active exploitations allows local non-privileged users to access freed-up memory for staging new attacks. By Shweta Sharma Oct 03, 2023 3 mins Android Security Vulnerabilities news UK businesses face tightening cybersecurity budgets as incidents spike More than a quarter of UK organisations think their cybersecurity budget is inadequate to protect them from growing threats. By Michael Hill Oct 03, 2023 3 mins CSO and CISO Risk Management Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe