Department of Veterans Affairs (VA) employees improperly accessed the medical files of vice presidential candidates Sen. JD Vance (R-Ohio) and Minnesota Gov. Tim Walz, with a Justice Department investigation currently underway, the VA confirmed Monday. The Washington Post first reported the breach, noting that at least a dozen employees accessed Vance's and Walz’s records this summer, a violation of federal health privacy laws.   A statement from VA press secretary Terrence Hayes to The Hill confirmed that the department “reported to law enforcement allegations that VA personnel may have improperly accessed Veteran records.”  “We take the privacy of the Veterans we serve very seriously and have strict policies in place to protect their records,” Hayes said. “Any attempt to improperly access Veteran records by VA personnel is unacceptable and will not be tolerated.” He would not say when the breach was discovered or when the respective campaigns were notified, referring additional questions to the Justice Department, which did not immediately respond. Vance, former President Trump’s running mate, served for four years in the Marine Corps directly after high school and had one tour in Iraq in 2005 as a combat correspondent. Walz, meanwhile, enlisted in the Army National Guard at 17, serving for 24 years before retiring in 2005 to run for Congress. The employees, who used their VA computers to get into the records mostly from their government offices, viewed the information over July and August, according to The Washington Post. The incidents were discovered in August during a security sweep of the VA’s high-profile health accounts, sources told the outlet. CNN reported that Vance’s team was alerted of the breach roughly two months ago, when an employee in the VA inspector general’s office reached out. A Harris campaign spokesperson also told the media outlet it had been informed. The Trump and Harris campaigns did not respond to requests for comment from The Hill. After the breach, VA Secretary Denis McDonough sent a message to all department employees, reminding them of the rules on veterans’ privacy. “Veteran information should only be accessed when necessary to accomplish officially authorized and assigned duties as an employee, contractor, volunteer, or other personnel,” he wrote in the Aug. 30 missive. “Viewing a Veteran’s records out of curiosity or concern — or for any purpose that is not directly related to officially authorized and assigned duties — is strictly prohibited.” McDonough noted that any failure to comply with the rules could result in disciplinary action, “including removal, as well as referral to law enforcement for civil penalties and criminal prosecution.”