Vet firm CVS suffers cyber breach

Breach has accelerated cloud transformation

Vet firm CVS suffers cyber breach

One of the UK's largest veterinary groups has told authorities about a potential breach of personal information, after it fell victim to a cyberattack.

With approximately 500 veterinary practices globally, mostly in the UK, CVS Group is one of the country's largest vet businesses.

In an announcement on the London Stock Exchange site, CVS Group said the hackers managed to gain unauthorised access to some of its IT infrastructure, leading to disrupting operations across its network.

"CVS Group announces it has recently detected and intercepted a cyber incident which had involved unauthorised external access to a limited number of its IT systems," reads the announcement.

Although CVS Group has not said exactly what data the attackers accessed , it has notified authorities, citing the risk of malicious access to personal information.

The intrusion prompted the company to temporarily shutdown computer systems across its practices and broader business functions to contain the breach.

The firm acknowledged ongoing challenges as a result of the cyberattack.

While IT services have largely now been restored, some systems are operating less efficiently due to heightened security measures and ongoing monitoring.

CVS Group's UK operations, where 450 of its 500 practices are located, bore the brunt of the attack. Its international branches in Australia, the Netherlands and the Republic of Ireland were largely unaffected.

CVS Group has contracted a team of external cyber experts to investigate, and also informed the Information Commissioner's Office (ICO) about the breach. Again, it citing concerns over potential malicious access to personal information, but did not specify whether the information pertains to customers, staff or suppliers.

No group has claimed responsibility for the attack at the time of writing.

Silver lining

The cyber incident has expedited CVS Group's plan to migrate all IT infrastructure to the cloud.

"As a result of this incident, the Group is accelerating its plans to migrate its practice management system and related IT infrastructure to the cloud to both provide enhanced security across our estate and to deliver operational efficiencies," the company said.

The cyberattack comes as the UK's veterinary industry is under scrutiny from regulatory authorities. The Competition and Markets Authority (CMA) recently launched a formal investigation into potential abuses within the sector, following concerns about inflated pricing for pet treatments.

The CMA's inquiry garnered immense public attention, with tens of thousands of individuals voicing their concerns.

CVS Group, listed on London's Alternative Investment Market (AIM) with a pre-hack valuation of £680 million, remains under close observation as it navigates the aftermath of the cybersecurity breach.