Fired cybersecurity chief for Veterans Affairs site warns that health
and financial data is at risk
 [February 26, 2025]
BOSTON (AP) — Sensitive financial and health data belonging to
millions of veterans and stored on a benefits website is at risk of
being stolen or otherwise compromised, according to a federal employee
tasked with cybersecurity who was recently fired as part of massive
government-wide cuts.
The warning comes from Jonathan Kamens, who led cybersecurity efforts
for VA.gov — an online portal for Department of Veterans Affairs
benefits and services used by veterans, their caregivers and families.
Kamens was fired Feb. 14 and said he doesn't believe his role will be
filled, leaving the site particularly vulnerable.
“Given how the government has been functioning for the last month, I
don’t think the people at VA ... are going to be able to replace me,”
Kamens told The Associated Press Monday evening. “I think they’re going
to be lacking essential oversight over cybersecurity processes for
VA.gov."
Kamens said he was hired over a year ago by the U.S. Digital Service,
whose employees' duties have been integrated into presidential adviser
Elon Musk's Department of Government Efficiency, which is leading the
downsizing effort. Kamens was a digital services expert and the VA
site's information security lead when he was fired by email at night,
along with about 40 other USDS employees, he said.
Millions of people use the VA.gov website monthly, Kamens said, and the
department is responsible for securing private health and financial
information including bank account numbers and credit card numbers.
Others on the team will focus on protecting the site, but his expertise
can't be replaced, he said, noting he was the only government employee
with an engineering technical background working on cybersecurity.
“VA.gov has access to a huge number of databases within VA in order to
provide all of those benefits and services to veterans,” Kamens said.
“So if that information can’t be kept secure, then all of that
information is at risk and could be compromised by a bad actor.”
[to top of second column]
|
 Peter Kasperowicz, a Veterans
Affairs spokesman, said the loss of a single employee wouldn't
affect operations, and noted that hundreds of cybersecurity workers
are among the department's staff of nearly 470,000.
Meanwhile, more than 20 civil service employees who'd also
previously worked for USDS resigned Tuesday from DOGE, saying they
refused to use their technical expertise to “dismantle critical
public services.”
Kamens said he was required to have a background check and a drug
test before he was allowed to access any system containing veterans’
data. He said he doesn't understand why Musk and DOGE shouldn't have
to jump through the same hoops.
“I don’t think they should have access to that data,” Kamens said.
“These are people who have never been background-checked. They’re
not confirmed to be trustworthy.”
Kamens also said he’s worried that DOGE is “trying to break down the
walls of decentralization” that have kept data isolated in
individual agencies. Centralization, he said, could increase the
chances for abuse. He also described confusion since DOGE became
involved — people didn't know who their manager was, work became
isolated, and people were “frozen out.”
“The only motive that I can think of,” Kamens said, "is exactly
because they want to be able to use that data to harm citizens that
they perceive as enemies of the state.”
____
Witte reported from Annapolis, Maryland.
All contents © copyright 2025 Associated Press. All rights reserved |
