A pair of healthcare-related data breaches at high-profile government agencies has impacted tens of thousands of people. First, a cyberattack at the U.S. Department of Veterans Affairs (VA) has impacted about 46,000 veterans, exposing their financial information. And another incident, at the U.K.’s National Health Service, exposed personal information for 18,105 Welsh citizens. Vets Caught Up in Financial Breach In the first instance, an internal tool used by the VA’s Financial Services Center (FSC) was hacked and used to intercept and steal funds that had been earmarked as payments to community healthcare providers, it said. The VA’s coverage of these payments is handled by the software tool, which contains veterans’ financial data, Social Security numbers and more. Click to register. “The exposure could have been much greater. It’s likely that security technology was in place which detected a high volume of record changes in this event as the threat actor was editing the individual financial records to divert the payments,” Ilia Sotnikov, vice president of product management at Netwrix, said via email. “Any time there is heavy, unusual activity the likelihood of a breach is high.” The FSC took the application offline once the unauthorized access was discovered – no timeline for when the breach occurred has been given. “A preliminary review indicates these unauthorized users gained access…by using social-engineering techniques and exploiting authentication protocols,”…
0 0 govanguard https://govanguard.com/wp-content/uploads/2018/04/Header_Logo.png govanguard2020-09-15 18:02:002020-09-15 18:02:00Data Breaches Exposes Vets, COVID-19 Patients
Our Standard Office Hours
Monday – Friday: 8:00AM – 5:00PM EDT
Saturday – Sunday: Closed
Where to Find Us
Data Privacy Notice
- – All product names, logos, and brands are property of their respective owners.
- – The use of these names, logos, and brands is for identification purposes only and does not imply endorsement.
- – Content syndication and aggregation of public information is solely for the purpose of identifying information security trends, all syndicated content contains source links to the content creator website. All content is owned by it’s respective content creators.
- – If you are an owner of some content and want it to be removed, please email firstname.lastname@example.org