Puppies

UK veterinary services provider CVS Group has announced that it suffered a cyberattack that disrupted IT services at its practices across the country.

CVS Group operates 500 veterinary practices throughout the UK, Australia, the Netherlands, and the Republic of Ireland, including nine specialist referral hospitals, 39 dedicated out-of-hours sites, three laboratories, and seven pet crematoria.

The company employs 9,100 people, including 2,400 veterinary surgeons and 3,400 specialized nurses.

In an announcement published on the London Stock Exchange site, CVS Group warns that threat actors gained unauthorized access to some of its IT systems. The firm responded to the situation by shutting down its IT systems, which impacted its operations.

"CVS Group announces it has recently detected and intercepted a cyber incident which had involved unauthorised external access to a limited number of its IT systems," reads the announcement.

"Upon discovery of the incident, CVS took immediate steps to isolate the issue and, to prevent wider unauthorised access, took its IT systems temporarily offline, as part of the Group's response plan."

"Our responses to contain the threat of malicious activity have caused considerable operational disruption over the past week, but to date have been effective in preventing further external access to CVS systems."

CVS says it has engaged third-party specialists to help it investigate the incident and restore IT services safely across its clinics. The process of restoration is underway, and good progress has been made.

The company noted that the incident impacts only UK practices, as operations outside the UK are not hosted on CVS infrastructure.

The notice also disclosed that the cyber-incident has accelerated the strategic plan to migrate all IT infrastructure to the cloud, which, according to CVS, will provide enhanced security and operational efficiency.

This planned migration is expected to extend the period of operational disruption for UK-based practices by several weeks, estimates CVS.

The announcement does not mention anything about the possibility of a data breach impacting CVS personnel or customers. BleepingComputer has contacted CVS with questions about this but a comment wasn't immediately available.

At the time of writing this, no ransomware groups have assumed responsibility for the attack at CVS Group.

Related Articles:

London hospitals cancel over 800 operations after ransomware attack

City of Cleveland shuts down IT systems after cyberattack

London hospitals face blood shortage after Synnovis ransomware attack

The Week in Ransomware - May 10th 2024 - Chipping away at LockBit

Ascension redirects ambulances after suspected ransomware attack