Veterans nationwide are reporting their disability pay was re-routed through an e-Benefits hack directing payments to unknown bank accounts linked to pre-paid debit cards. Meanwhile, various news outlets are reporting an unusual spike in pre-paid credit cards funding political campaigns with potentially anonymous donors.
Subscribe to our weekly newsletter and stay up to date.
Is there a connection? Are veterans being exploited for political gain… again…?
Probably, at least to the second question. When are veterans not used as a political football during a hotly contested election by both political parties?
However, here, the link between the current veteran pre-paid debit card scheme and unemployed donors to Democratic fundraisers using pre-paid credit cards to somewhat mask the source of the money has not been proven, at least not yet.
The Department of Justice and some Attorneys General are supposedly looking into the root of the cyber burglary impacting veterans as well as VA OIG.
But even without a link, it is important we gain more understanding into why politicians have allowed our VA IT systems go without proper security protocol, and why those same politicians have yet to hold anyone inside VA accountable for continued failure to implement proper cybersecurity measures.
Let’s take a look…
Last Week’s News
VA admitted by press release last week that 46,000 veterans had their private information hacked from its e-Benefits system. The admission preceded testimony from the Government Accountability Office that VA has failed to take appropriate steps to protect veteran data despite years of knowing about vulnerabilities.
A recent example of how this played out in real life is the case of Shannon Toombs, a single mom with a 100% disability rating who relies on her monthly check to live.
Toombs reportedly fought with the Department of Veterans Affairs for over a month when she noticed her disability pay did not come through. After some research, she learned her monthly funds were rerouted to a prepaid debit card administered by American Express that she knew nothing about.
For those reading this story without an understanding of why it matters – – veterans like Toombs receives over $3,000 per month due to their military service-connected disabilities. In this instance, she relies on that money to pay for rent, gas, groceries, and other costs each month.
To make this simple for my more affluent readers in the Beltway, when her money was stolen, it was a big deal. She needs that money.
Toombs learned the e-Benefits gateway on VA’s website was unlawfully accessed. Whoever engaged in the illicit scheme then rerouted the funds by providing a different bank account and routing number Toombs did not know existed and loaded pre-paid debit cards with the funds.
Remember this concept of “pre-paid” as you read the news in the near future.
The pre-paid debit cards were apparently under the control of American Express called Blue Bird prepaid cards. Toombs contacted the company resulting in a fraud department lockdown on at least those cards implicated.
The Marine veteran later reported to ABC affiliate WATE News, “There was a breach, and I wasn’t the only veteran impacted. I was one of those who was able to catch it in time.”
WATE News further reported, “It turns out, veterans around the country had similar experiences as Toombs encountered. Cases have been investigated in several states where e-benefits accounts were fraudulently accessed and monthly direct deposits re-routed to banks the veterans had no financial relationship with.”
This story was reported two days after the Government Accountability Office reported on VA’s continued failure to fully address vulnerabilities within its IT systems. Four days earlier, VA issued a press release indicating 46,000 veterans were impacted by a significant data breach.
Those affected by the breach would receive a whooping one-year free credit monitoring paid for by the agency. I would guess VA is using some of its astounding $4 billion IT budget to cover the cost.
So what, right? Why doesn’t the agency take more of its $4 billion to simply fix the problem? And, where is the money going for these IT contracts?
This all may seem innocuous to some except for the large number of veterans swindled right under VA’s nose. One part of this story, as well as the topic I reported on two days ago about community care providers also being swindled of funds in the same scheme, is the size and sophistication while also seeming trite by rerouting the funds to prepaid debit cards.
The other part is the common thread here between pre-paid card types, whether debit cards or credit cards, when used to illegally funnel money between one entity to another.
In Related News: Fake Political Donors Suspected In Another Possible Scheme
Some of you may have noticed a few headlines from Conservative news websites recently addressing the trend of reportedly unemployed people donating funds using prepaid credit cards making the transactions difficult if not impossible to track.
There is growing suspicion about the use of “straw” donors who may be little more than a few lines of computer code rather than a real person using prepaid cards to skirt the pollical system when it comes to political contributions.
Money laundering schemes using pre-paid cards and other mechanisms is not insignificant. Reuters reports that data from EverCompliant, a U.S.-Israeli electronic money laundering detection and prevention company, “showed that some $500 billion is laundered annually through fraudulent e-commerce transactions over credit, debit, prepaid and other cards.”
In the context of campaign finance, fraudulent fundraising could pose significant threats to the American election process.
In the past, the Washington Post reported on the problem in 2008 addressing the issue of unauthenticated political donations “allowing donors to use largely untraceable prepaid credit cards that could potentially be used to evade limits on how much an individual is legally allowed to give or to mask a contributor’s identity.”
So, this issue of using pre-paid payment systems has been used for some time, and various news outlets have wondered if the fundraising mechanisms were illicit.
It is certainly worth looking into.
Some Past Issues
When you peel back the layers, I can hypothesize how these arrangements may be connected. If you think about it, lax IT security protocol at VA continuously fails to prevent veterans’ data from being exploited in a variety of schemes.
Currently, we know funds are being diverted from veterans and community care providers (doctors) into prepaid debit cards. It is plausible this practice is not just limited to diversion of funds into debit cards either, but also likely other forms of prepaid cards.
We also know prepaid credit cards were previously highlighted by Washington Post, and now Fox News, as being a means by which political parties are receiving funds from potential “straw” donors. It seems possible this mechanism is used by lowlifes within both Republican and Democrat circles and hopefully not a widespread issue.
Are these two issues connected?
Let’s leave that to the relevant law enforcement agencies to decide.
Back To The Backlog
Since VBMS is one of the systems mentioned in the GAO report, I want to at least address the continued IT security problem that continues to plague veterans.
To get there, it is worth addressing the backstory.
Between 2013-14, many critics, including myself, believed the appeals modernization proposals were flawed and that the money was not being spent properly. I still believe that to be the case, and the persistent backlog problems seem to support my longstanding position.
The backlog served as the driving political force to reform the claims and appeals system that many veterans believe made the process more confusing, not less. It also reduced certain rights veterans previously enjoyed.
So what is going on?
Over the past few years, I have seen various reports and posts from former VA senior officials starting companies aimed at fixing and/or managing the same benefits adjudication systems they were responsible for implementing while at VA.
It does seem curious that many of the same senior VA officials who overhauled the old system to implement the new system later came back to VA after retiring or stepping down to then work at VA in a contractor capacity.
Should we be relying on these individuals to fix the system a second time? Let’s fix VA’s systemic IT problems the right way, right-away, right?
This leads me to my next question.
Is VA Broken On-Purpose?
This is a rhetorical question. I certainly hope the answer is a loud “No, VA is not broken on purpose!”
But one has to wonder why the agency’s IT system continues to have cybersecurity flaws so large that veterans’ data keeps landing in the hands of criminals. If it is broken on purpose, or at least is allowed to remain unfixed in the manner recommended by GAO, who is responsible?
Why is it are the security issues persisting after five years?
Maybe, some day, we will know the answer. Based on the recent GAO report, we know VA has yet to implement many of the IT fixed recommended since 2015.
We know billions in taxpayer dollars have been wasted chasing the pipe-dream that IT will fix our very human problems within VA. The agency needs more accountability, a greater number of employees, and less, not more, reliance on systems as the sole silver bullet fix.
I still remember the numerous hearings former Undersecretary Allison Hickey testified at where she promised, over and over, that implementation of the electronic claims processing system called VBMS would be the magic silver bullet.
Now, we know based on the GAO’s testimony that the agency’s IT systems have not fully completed the VBMS project – – at least not in the way GAO recommended. Did at least someone reasonably know within the agency that the IT projects were not on a correct timetable for perfection?
Since 2015, VA has yet to fully implement VBMS, and it has only implemented one of five recommendation from GAO following audits since that time as recently as testimony delivered last week:
“In September 2015, GAO reported that VA had made progress in developing and implementing VBMS, but also noted that additional actions could improve efforts to develop and use the system. For example, VBMS was not able to fully support disability and pension claims, as well as appeals processing. GAO made five recommendations aimed at improving VA’s efforts to effectively complete the development and implementation of VBMS; however, as of September 2020, VA implemented only one recommendation.”
What is the hold up? Are these delays more to do with robbing from Peter to pay Paul? Are the resultant backlogs simply a way to control paying veterans what we are due?
The IT budget at VA and the federal government is out of control.
Those funds go to projects that can disappear without a trace when one computer is unplugged, so it is significantly harder to track the value when compared to, let’s say, the building of a hospital.
Has our data and the agency’s IT budget become a slush fund for political favors? Are the funds being illicitly diverted going into at least some of the coffers of political insiders? Why are we still struggling to implement a new electronic health record system after spending billions of taxpayer dollars over the past two decades?
What is really going on? Why is no one asking the deeper questions?
We do not know all the answers to these questions, but, if there is any community that is willing to dig in to find the answers, it is the veteran community.
Also, about the 46,000 veterans who are victims not only of the illegal hacking scheme but VA’s own apparent negligence, here is what one veteran said in response to my article two days ago:
“I am one of the 46,000 veterans. When I discovered what occurred, you can imagine how I felt. Of course, no one at the VA cares. They all just shrug their shoulders and say ‘not my fault’ or ‘not my problem.’ This fiasco is just another item to add to the list regarding the ways the VA has made my life worst. I lost all faith in the VA a while ago. I wish they would come right out and say they hate veterans. It is obvious by the way they treat us.” (comment bolded for emphasis).
With all those billions, (VA’s budget is now over $200 billion annually), I am not sure how the agency still continues to disenfranchise veterans like the one I am quoting above.
Please let me know what your thoughts are in the comments below.