On Friday, the Amarillo VA Health Care System announced that the Veterans Health Administration (VHA) is notifying 2,302 veterans of a potential breach of their protected health information (PHI) following a cybersecurity attack on DBP, Inc., a contracted medical transcription vendor.
The breach, which targeted DBP, Inc.'s systems, may have exposed sensitive data, including veterans’ full names, medical record details, and Social Security numbers. According to the VHA, the attack did not compromise any medical record information within the VA’s electronic health record system. However, files stored on the DBP, Inc. server were “locked down” and may have been copied by the attacker.
Vendor Response and System Protections
DBP, Inc. responded swiftly to the attack, taking measures to shut down the affected server and disconnect from the internet to halt further breaches. The company has since upgraded its hardware and implemented advanced security controls. The Department of Veterans Affairs continues to collaborate with DBP, Inc. to ensure the implementation of robust security measures to prevent similar incidents in the future.
Impact on Amarillo VA Health Care System
Out of the 2,302 affected veterans nationwide, 1,069 are from the Amarillo VA Health Care System. This group includes veterans who receive care in Amarillo, Lubbock, Clovis (New Mexico), Childress, and Dalhart. Those impacted will receive a Privacy Notification Letter detailing the specific information that may have been compromised.
Support for Affected Veterans
Veterans with questions or concerns about the potential exposure of their personal information can contact a dedicated hotline at 1-844-838-5433 during weekday hours of 8 a.m. to 4:30 p.m. Privacy Officers at local medical centers will return calls within two business days.
The Amarillo VA Health Care System emphasized its commitment to the privacy and security of veterans’ information. “We take these matters very seriously and are working diligently to address the situation and safeguard our veterans’ information,” said a spokesperson.
Veterans are encouraged to remain vigilant, monitor their financial accounts, and report any suspicious activity as a precaution against identity theft.
Steps Moving Forward
The VHA has assured the public that it will continue its investigation and oversight of DBP, Inc. to ensure that all necessary precautions are taken to prevent future breaches. The VA’s electronic health record system remains secure and was not affected by this attack.
.jpg)
