DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

VA sending letter to 1,501 Montana vets about business associate ransomware incident

Posted on July 24, 2020 by Dissent

The Great Falls Tribune reports:

The U.S. Department of Veterans Affairs Veterans Health Administration on Thursday announced actions taken to protect veterans’ personal information following a recent privacy breach involving files from the Montana VA Health Care System.

Officials said they were notified June 4, by former contractor Benefits Recovery Specialists Inc. of “a data incident involving VHA files from the Montana VA Health Care System.”

Read more on the Great Falls Tribune. It is not clear from their reporting whether the VA terminated its contract with BRSI as a result of this breach or not.

Last month, BRSI disclosed that it had discovered malware or malicious software on April 30 and that the threat actors may have begun accessing or exfiltrating data on April 20. In their notification, BRSI was not specific about the type of malware, but the Great Falls Tribune report notes that it was Maze ransomware.

The BRSI incident does not appear to be listed on the Maze ransomware leak site.  DataBreaches.net sent an inquiry to the Maze operators to inquire about whether this was their attack, and will update this post if a response is received.

Unfortunately, 1,501 Montana VA patients are only a small piece of this incident. The BRSI incident was reported to HHS as impacting 274,837 patients.

Category: Breach IncidentsCommentaries and AnalysesHealth DataMalwareOf NoteSubcontractor

Post navigation

← Ca: Employee charged in 407 ETR data breach involving 60,000 customers
Ongoing Meow attack has nuked >1,000 databases without telling anyone why →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Iranian Man Pleaded Guilty to Role in Robbinhood Ransomware
  • Developments surrounding data breach at Dutch police
  • Estonia launches international search for Moroccan citizen wanted over data theft
  • Now it’s Tiffany: Another LVMH luxury brand hit by hackers
  • Dutch Government: More forms of espionage to be a criminal offence from 15 May onwards
  • B.C. health authority faces class-action lawsuit over 2009 data breach (1)
  • Private Industry Notification: Silent Ransom Group Targeting Law Firms
  • Data Breach Lawsuits Against Chord Specialty Dental Partners Consolidated
  • PA: York County alerts residents of potential data breach
  • FTC Finalizes Order with GoDaddy over Data Security Failures

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The CCPA emerges as a new legal battleground for web tracking litigation
  • U.S. Spy Agencies Are Getting a One-Stop Shop to Buy Your Most Sensitive Personal Data
  • Period Tracking App Users Win Class Status in Google, Meta Suit
  • AI: the Italian Supervisory Authority fines Luka, the U.S. company behind chatbot “Replika,” 5 Million €
  • D.C. Federal Court Rules Termination of Democrat PCLOB Members Is Unlawful
  • Meta may continue to train AI with user data, German court says
  • Widow of slain Saudi journalist can’t pursue surveillance claims against Israeli spyware firm

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.