Last Updated on 15/05/2021 by Khushi
image courtesy: financialtimes
A database pervaded with the medical records of nearly 200,000 U.S. military veterans was unveiled online by a vendor working for the Veteran’s Administration, in accordance to an analyst, who also presented corroboration of the data that might have been eliminated by the ransomware attackers.
The Veteran’s Administration on it’s part said that this corroboration may point to internal security work rather than a cyberattack.
These files were at first discovered on April 18 by the researcher Jeremiah Fowler, who found that the database sitting unveiled online without even the basic password protection.
The unveiled data included names of the patient, birth dates, medical information, contact information and even doctor information and appointment timings, all of which could be used in the socially engineered attacks, explained Fowler . The database unveiled the unencrypted passwords and billing details also.
“The database was put free , open and visible in any of the browsers which can be accessible to the general public and any of the people could edit, download or even delete the data without the administrative credentials,” Fowler described about his findings.
After making people about the findings to United Valor, Fowler said he had received a reply on the next day in which they thanked him and added that, “We conveyed your findings to our contractors, and they had shut down this public data access right away.”
It also added that , “According to their monitoring information , the data has only been accessed through our internal IP and yours.”
Anyways, the data told the researcher Fowler a different story.
Threatpost reached out to the United Valor for the auxiliary details or the comment but has not received a response till date.
Dirk Schrader with it’s New Net Technologies thinks that the breach was likely to the result in one of those three issues : “Either the contractors had, or still have, only the limited monitoring capacities ; the cybercriminal who had left the ransom note was able to hide the traces, which indicates other, even the bigger issue; or the United Valor Solutions are trying to elude the consequences.”
The Veteran’s Administration told Threatpost that it is actively investigating the current situation – and that it appears that the pen-testing could be the culprit, rather than any other hostile activity.
He further added, “Veterans Benefits Administration (VBA) Privacy Office is presently working with the Medical Disability Examination Officer (MDEO) and contractors to make further investigations about the professed incident. I’m addition, our Veteran’s Administration Data Breach Response Service continues it’s efforts to investigate independently. We will provide you with the additional info as once we become aware.”
