News and Updates on Information Technology

United States – US Veterans Administration (VA)

Exploit: Ransomware

Veterans Administration: Federal Agency

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.722= Severe

The VA has found itself in the cybersecurity hot seat again after a data breach at a records contractor exposed more than 200,000 records for veterans. The contractor, United Valor Solutions, appears to have been the victim of a ransomware attack. Researchers found a trove of their data online, including this sensitive VA data. The VA has announced that its Veterans Benefits Administration (VBA) Privacy Office is currently working with Medical Disability Examination Officer (MDEO) and contractors to further handle the incident, with the VA Data Breach Response Service investigating independently.

cybersecurity news represented by agauge showing severe risk

Individual Risk: 1.722= Severe

The exposed records contain included patient names, birth dates, medical information, contact information and even doctor information and appointment times, unencrypted passwords and billing details for veterans and their families, all of which could be used in socially engineered spear phishing or fraud scams.

Customers Impacted: 200,000

How it Could Affect Your Customers’ Business Ransomware is the gift that keeps on giving for medical sector targets. Not only are those victims facing expensive investigation and recovery costs, but they can also expect a substantial HIPAA fine and possibly more regulatory scrutiny.