VA sending letter to 1,501 Montana vets about business associate ransomware incident
The Great Falls Tribune reports:
The U.S. Department of Veterans Affairs Veterans Health Administration on Thursday announced actions taken to protect veterans’ personal information following a recent privacy breach involving files from the Montana VA Health Care System.
Officials said they were notified June 4, by former contractor Benefits Recovery Specialists Inc. of “a data incident involving VHA files from the Montana VA Health Care System.”
Read more on the Great Falls Tribune. It is not clear from their reporting whether the VA terminated its contract with BRSI as a result of this breach or not.
Last month, BRSI disclosed that it had discovered malware or malicious software on April 30 and that the threat actors may have begun accessing or exfiltrating data on April 20. In their notification, BRSI was not specific about the type of malware, but the Great Falls Tribune report notes that it was Maze ransomware.
The BRSI incident does not appear to be listed on the Maze ransomware leak site. DataBreaches.net sent an inquiry to the Maze operators to inquire about whether this was their attack, and will update this post if a response is received.
Unfortunately, 1,501 Montana VA patients are only a small piece of this incident. The BRSI incident was reported to HHS as impacting 274,837 patients.