Hackers compromised information stored in Tricare Management Activity’s (TMA) public servers, the Department of Defense (DoD) announced on April 28. TMA administers the Pentagon’s healthcare system.

Although the hackers did not access official clinical databases, the vulnerable data included names, Social Security numbers, partial credit card numbers, phone numbers, and addresses, reports www.GovExec.com. The DoD did not reveal when the intrusion occurred.

TMA has sent letters to affected individuals advising them of the incident and the risk of identity theft. TMA will also establish enhanced security controls and monitoring tools, although the DoD statement did not specify what these enhancements are.

COMMENT: In addition to the potential for identity theft and financial issues, the hack exposes the names and personal locations of employees to security risks.