2 months ago
10
When the so-called Department of Government Efficiency recently fired dozens of people from the US Digital Service—the agency DOGE subsumed last month—it may not have realized the extent of the collateral damage.
The USDS doesn't operate in a vacuum; part of its longtime mandate is to consult with federal agencies to help improve their digital platforms and websites. So when DOGE terminated Jonathan Kamens in its agency purge, it may not have fully grasped that it was firing the security lead for the Department of Veterans Affairs website—the digital hub that connects veterans with their benefits and hosts sensitive personal data, including medical records.
Interviews with multiple current and former VA sources, along with veterans who now work in private-sector cybersecurity, indicate that Kamens’ firing could have disastrous privacy consequences for millions of US veterans.
“I believe that his abrupt firing puts the security of veterans services at risk,” one source with knowledge of VA systems, who was granted anonymity because they fear retaliation, told WIRED about Kamens. “Eliminating the person responsible for the security of veteran information on VA.gov erodes the quality of the service for the veteran. It’s reckless.”
VA.gov is what Kamens calls “the front door” for all VA benefits. The site served more than 20 million registered users in the past 12 months, resulting in more than 53 million transactions. Veterans go there to access, among other things, financial, educational, health care, and death benefits. In other words, VA digital services are not only central to the lives of many veterans and their families but also a repository of deeply private information about their lives.
“It’s inevitable that the cybersecurity practice within VA.gov is going to suffer and that they are going to fall behind on what they are required to do in order to keep cybersecurity on VA.gov where it needs to be,” Kamens says. “And the result of that is it’s going to get worse, and eventually it will get bad enough that there will be an incident.”
Kamens was not the only person working on VA digital security and was far from the only person there who cares about safeguarding veterans' personal data. But he served a vital role in a large and important government apparatus that is notoriously strapped for resources. In particular, Kamens says, he was the only staffer working full-time on VA.gov cybersecurity and, therefore, the point person for overseeing protective upgrades and services from third-party security vendors.
“This is sensitive data that in the wrong hands can do harm to people,” Kamens says. “There was always too much work to do and not enough people to do it, and now all of a sudden I’m gone. DOGE is all about efficiency, and that is not going to make VA more efficient.”
The VA did not comment in response to WIRED's questions about changes in the cybersecurity staffing for VA.gov. In addition to cuts at USDS, more than 1,000 workers were fired from the VA itself last week. “President Trump's looking for efficiencies so that we can do our job better," said secretary of veterans affairs Doug Collins in a video statement on Thursday. “When you're doing things, you're making moves, you're making good moves, motion causes friction.”
English (US) ·