In February 2014 , attackers compromised the VFW's website and planted malicious code that infects users' system with malware who visits vfw.org from vulnerable Internet Explorer versions. The attack was believed to be originated from China.
An investigation into the incident shows that names, addresses and social security numbers of approximately 55,000 VFW members were compromised in the breach.
The letter dated April 4 said back in March VFW became aware of the security breach.
"VFW has been informed that the purpose of the attack wasn't identity theft, but rather to gain access to information regarding military plans or contracts" The letter reads.
VFW said they are offering one free year of identity theft protection services from AllClear ID to the affected members.