Operations at the UK-based veterinary services provider CVS Group are facing disruption due to an evolving cyber incident of undisclosed nature. This has led the organization to shut down key IT systems as a precautionary measure. CVS, listed on AIM (Alternative Investment Market), clarified that it is not affiliated with the American retail pharmacy chain bearing the same name. The cyber attack involved unauthorized external access to a limited number of IT systems.

The company swiftly responded by taking affected systems offline to contain the incident. While this has caused significant operational disruption, CVS managed to prevent further access. It is currently collaborating with third-party security experts to resolve the issue and has notified relevant authorities, including the Information Commissioner’s Office (ICO).

Despite the disruption, CVS assured that it continues to provide clinical care at most of its practices. However, the restoration of IT services across its estate may lead to ongoing operational impacts. Operations outside the UK and non-CVS hosted systems remain unaffected.

Employing thousands of veterinary professionals, CVS operates numerous practices across several countries, with only its UK services affected by the cyber incident. To enhance security, CVS plans to expedite the migration of its IT infrastructure to the cloud, which may cause further operational impacts in the coming weeks.

While the nature of the incident suggests a ransomware attack, CVS has not confirmed this, and no ransomware group has claimed responsibility. Despite the attack, experts commend CVS for its swift recovery efforts, indicating an improvement in companies’ ability to detect and respond to cyber threats. This incident underscores the importance of raising awareness and strengthening cybersecurity measures in light of increasing cyber threats globally.

Article Credit: ComputerWeekly