8 Apr 2024
Officials say the incident has caused “considerable operational disruption” to its UK business and appropriate regulators have been informed because of the risk of malicious activity.
Allister Webb
Job Title
Image © Nick Beer / Adobe Stock
A major veterinary firm’s UK operations have been hit by what it described as a “cyber incident” involving “unauthorised external access” to some of its IT systems.
External consultants have been drafted in to investigate the attack on the CVS Group, which officials said had led to “considerable operational disruption”.
But the company has stressed that all of its practices have remained open, although its phone systems were affected for a time.
In a statement issued today (8 April), the company said the incident had only affected “a limited number” of its systems, which were all taken offline temporarily as part of an established response plan.
The statement continued: “Our responses to contain the threat of malicious activity have caused considerable operational disruption over the past week, but to date have been effective in preventing further external access to CVS systems.
“Specialist third-party consultants have been engaged to investigate the nature and extent of the incident and to support the response across the group.
“CVS has also proactively informed the relevant authorities, including the Information Commissioner’s Office, due to the risk of malicious access to personal information.
“While the prompt actions taken by the group have limited the cyber incident, they have resulted in disruption to UK operations.
“Through the efforts of our colleagues, we have continued to provide our usual high levels of clinical care to clients and patients at the majority of our practices.”
The company said that while IT services had been securely restored to the majority of its estate, and overseas operations were not affected at all, some systems were working less efficiently because of increased security measures.
The incident is also said to have accelerated planned changes to its systems, which are likely to impact operations for several weeks.
The statement added: “The forensic analysis is ongoing and we will continue to take all necessary steps to protect our business. The group will provide a further update in due course.”
