{"id":113444,"date":"2021-05-12T07:01:09","date_gmt":"2021-05-12T11:01:09","guid":{"rendered":"https:\/\/valorguardians.com\/blog\/?p=113444"},"modified":"2021-05-12T07:04:23","modified_gmt":"2021-05-12T11:04:23","slug":"200k-veterans-medical-records-may-have-been-stolen","status":"publish","type":"post","link":"https:\/\/www.azuse.cloud\/?p=113444","title":{"rendered":"200K Veterans&#8217; Medical Records May Have Been Stolen"},"content":{"rendered":"<p><a href=\"https:\/\/www.azuse.cloud\/wp-content\/uploads\/2021\/05\/podcast-news-wrap.jpg\" target=\"_blank\" rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-113445 aligncenter\" src=\"https:\/\/www.azuse.cloud\/wp-content\/uploads\/2021\/05\/podcast-news-wrap.jpg\" alt=\"\" width=\"500\" height=\"338\" srcset=\"https:\/\/www.azuse.cloud\/wp-content\/uploads\/2021\/05\/podcast-news-wrap.jpg 800w, https:\/\/www.azuse.cloud\/wp-content\/uploads\/2021\/05\/podcast-news-wrap-300x203.jpg 300w, https:\/\/www.azuse.cloud\/wp-content\/uploads\/2021\/05\/podcast-news-wrap-768x518.jpg 768w, https:\/\/www.azuse.cloud\/wp-content\/uploads\/2021\/05\/podcast-news-wrap-493x333.jpg 493w\" sizes=\"auto, (max-width: 500px) 100vw, 500px\" \/><\/a><\/p>\n<p>If the gas pipeline hack wasn&#8217;t enough, now a database of veteran&#8217;s medical records may have been compromised by hackers.<\/p>\n<blockquote><p><a href=\"https:\/\/threatpost.com\/veterans-medical-records-ransomware\/166025\/\" target=\"_blank\" rel=\"noopener noreferrer\"><strong>200K Veterans\u2019 Medical Records May Have Been Stolen by Ransomware Gang<\/strong><\/a><\/p>\n<div class=\"c-article__intro\">\n<p><em>Analyst finds ransomware evidence, despite a contractor\u2019s denial of compromise.<\/em><\/p>\n<p>A database filled with the medical records of nearly 200,000 U.S. military veterans was exposed online by a vendor working for the Veterans Administration, according to an analyst, who also presented evidence the data might have been\u00a0exfiltrated by ransomware attackers.<\/p>\n<p>The VA for it\u2019s part said that the evidence may point to internal security work rather than a cyberattack.<\/p>\n<p>The files were first discovered on April 18 by researcher Jeremiah Fowler, who found the database sitting exposed online without even basic password protection. Fowler said the files made several references to United Valor Solutions. United Valor is a North Carolina-based company which \u201cprovides disability evaluation services for the Veterans Administration and other federal and state agencies,\u201d according to its site.<\/p>\n<p>Analyst Found Ransomware Evidence, Contradicting Contractor<\/p>\n<p>The exposed data included patient names, birth dates, medical information, contact information and even doctor information and appointment times, all of which could be used in socially engineered attacks, Fowler explained. The database also exposed unencrypted passwords and billing details.<\/p>\n<p>\u201cThe database was set to open and visible in any browser (publicly accessible) and anyone could edit, download or even delete data without administrative credentials,\u201d Fowler said about his findings.<\/p>\n<\/div>\n<\/blockquote>\n<div class=\"c-article__content js-reading-content\">\n<p>They found a message in the dataset.<\/p>\n<blockquote><p>Ransomware Demand Detected In Dataset<\/p>\n<p>\u201cThe dataset also contained a ransomware message titled \u201cread_me\u201d that claimed all of the records were downloaded and they would be leaked unless 0.15 Bitcoin ($8,148) was paid,\u201d<\/p><\/blockquote>\n<p>Forgive me for saying so, but $8K isn&#8217;t much for such an elaborate crime.\u00a0 Maybe they were hoping it was just small enough that it was worth paying?<\/p>\n<p>Now, in addition to me paying five dollars a gallon for gas soon, everyone will know when I got my vasectomy. *sigh*<\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>If the gas pipeline hack wasn&#8217;t enough, now a database of veteran&#8217;s medical records may have &hellip; <a title=\"200K Veterans&#8217; Medical Records May Have Been Stolen\" class=\"hm-read-more\" href=\"https:\/\/www.azuse.cloud\/?p=113444\"><span class=\"screen-reader-text\">200K Veterans&#8217; Medical Records May Have Been Stolen<\/span>Read more<\/a><\/p>\n","protected":false},"author":663,"featured_media":113445,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[209],"tags":[],"class_list":["post-113444","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-teh-stoopid"],"_links":{"self":[{"href":"https:\/\/www.azuse.cloud\/index.php?rest_route=\/wp\/v2\/posts\/113444","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.azuse.cloud\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.azuse.cloud\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.azuse.cloud\/index.php?rest_route=\/wp\/v2\/users\/663"}],"replies":[{"embeddable":true,"href":"https:\/\/www.azuse.cloud\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=113444"}],"version-history":[{"count":1,"href":"https:\/\/www.azuse.cloud\/index.php?rest_route=\/wp\/v2\/posts\/113444\/revisions"}],"predecessor-version":[{"id":113446,"href":"https:\/\/www.azuse.cloud\/index.php?rest_route=\/wp\/v2\/posts\/113444\/revisions\/113446"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.azuse.cloud\/index.php?rest_route=\/wp\/v2\/media\/113445"}],"wp:attachment":[{"href":"https:\/\/www.azuse.cloud\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=113444"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.azuse.cloud\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=113444"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.azuse.cloud\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=113444"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}