image
A pair of healthcare-related data breaches at high-profile government agencies has impacted tens of thousands of people. First, a cyberattack at the U.S. Department of Veterans Affairs (VA) has impacted about 46,000 veterans, exposing their financial information. And another incident, at the U.K.’s National Health Service, exposed personal information for 18,105 Welsh citizens. Vets Caught Up in Financial Breach In the first instance, an internal tool used by the VA’s Financial Services Center (FSC) was hacked and used to intercept and steal funds that had been earmarked as payments to community healthcare providers, it said. The VA’s coverage of these payments is handled by the software tool, which contains veterans’ financial data, Social Security numbers and more. Click to register. “The exposure could have been much greater. It’s likely that security technology was in place which detected a high volume of record changes in this event as the threat actor was editing the individual financial records to divert the payments,” Ilia Sotnikov, vice president of product management at Netwrix, said via email. “Any time there is heavy, unusual activity the likelihood of a breach is high.” The FSC took the application offline once the unauthorized access was discovered – no timeline for when the breach occurred has been given. “A preliminary review indicates these unauthorized users gained access…by using social-engineering techniques and exploiting authentication protocols,”…

Source