The National Veterinary Associates (NVA) has been hit by the Ryuk ransomware, impacting 400 clinics across the US.
The Californian company, which owns more than 700 animal care facilities around the world, discovered the ransomware outbreak on October 27, and hired two external security firms to investigate and resolve the attack.
The attack had temporarily locked up patient records, payment systems and practice management software.
Laura Koester, NVA’s chief marketing officer stated that it was ransomware, however the company is referring to it as a malware incident.
Koester explained that each NVA hospital runs its own IT operations therefore not all were impacted. It should be noted that all NVA’s hospitals have remained open and still seeing clients. In addition, access to patient records have been fully restored.
In a memo obtained by KrebsOnSecurity, Greg Hartmann, NVA head of technology explained that it was a supply-chain attacks.
“Because of the scale of the attack, the virus eventually found three smaller points of entry through accounts that were unaffiliated with NVA, but unfortunately opened within our network.
“Upon discovery of the incident, our technology team immediately implemented procedures to prevent the malware from spreading; however, many local systems were affected. Still, we have many hospitals whose systems are not recovered. The technology team continues to set up interim workstations at each affected hospital while they prepare to rebuild servers.”
A source told KrebsOnSecurity, that earlier this summer the NVA had suffered a separate ransomware attack involving Ryuk.
“This is the second time this year Ryuk struck NVA,” the source said. “The first time, NVA was rather open to all facilities about what happened. This time, however, they are simply referring to it as a ‘system outage.’”
The post #Privacy: Ryuk ransomware hits 400 veterinary hospitals appeared first on PrivSec Report.