How many intrusion attempts does VA get each month?

Lower than earlier this year
By Erin McCann
10:18 AM
Share
Shield with computer code

Think you've seen a lot of intrusion attempts and malware at your hospital? The U.S. Department of Veterans Affairs, which operates some 1,700 hospitals and healthcare facilities, reported more than 235 million blocked intrusion attempts just for the month of August. 

In its monthly report to Congress, VA's office of information and technology together with the office of information security reported that in August the agency notified 431 individuals that their personal data may have been compromised due to a security incident.

[See also: VA remains one of top privacy offenders.]

That may not seem like a lot, considering VA provides healthcare to more than 6.4 million individuals, but the numbers add up. Over the past 11 months, VA has on average notified more than 1,500 individuals each month that their data may have been compromised.

As far as trends go, the overall intrusion attempts the agency blocked in August -- just over 235 million -- it's lower than the numbers reported from March 2015 to July 2015. Over the past 11 months, the agency has seen on average more than 182.4 million intrusion attempts.

In addition to the intrusion attempts, VA also reported nearly 588 million malware blocked or contained.

[See also: VA's use of Yammer made for PHI, data security risk and FBI issues alert for IoT device security.]

And as far as outgoing unencrypted emails go, the agency blocked 15,694. However, there were 72 related privacy or security events related to these emails.

Other data included in the August report to Congress:

Lost PIV cards: 117
Mishandled incidents: 84
Lost and stolen devices incidents: 47

VA hasn't exactly had a track record for keeping its data secure. Just last month, VA's office of inspector general published a report highlighting the agency's improper use of Web-based communication platform Yammer. Because the platform is neither approved nor monitored by the agency, the use put protected health information at risk, according to the report.

Moreover, according to a 2013 investigation conducted by the Pittsburgh Tribune-Review, the agency is actually one of the top security offenders, responsible for more than 14,000 privacy breaches from 2010 through May 2013.