• 5
  • Hospitals
  • 5
  • NC
  • 5
  • Charles George Department of Veterans Affairs Medical Center

Charles George Department of Veterans Affairs Medical Center

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

The Charles George VA Medical Center in Asheville, North Carolina, experienced a data breach that was reported on July 7, 2023. This breach affected the personal information of more than 1,541 veterans. The incident involved an email sent on May 12 that inadvertently disclosed personally identifiable information (PII) and protected health information (PHI) of the veterans. The email, which included an attachment with sensitive information, was mistakenly sent through Secure Messaging to three veterans. Two of the recipients opened the email before it could be recalled[1][5].

The VA Medical Center took immediate action to mitigate the breach by attempting to delete the information from recipients who had not yet opened the communication. An investigation was initiated, and it was determined that a data breach had occurred. The affected individuals were alerted about the potential risk to their personal information, and the department offered access to credit monitoring services at no cost, especially to those whose social security numbers may have been compromised[1][5].

Veterans whose information was involved were advised to follow the instructions in a letter sent by the VA Medical Center to protect their data. Those who did not receive an alert by mail were not affected by the incident and did not need to take any action. Veterans with concerns or questions about the breach were provided with contact information for the VA Medical Center’s Privacy Officer[1][5].

U.S. Congressman Chuck Edwards sought updates from the Charles George VA Medical Center regarding the breach and the measures taken to improve data security. In a letter to the medical center’s leadership, Edwards requested information on the exact number of veterans affected, the number of veterans who utilized the free credit monitoring services, any reports of identity theft or fraud as a result of the breach, and the policies and procedures put in place to prevent future breaches[7][13].

Citations:

  1. https://wlos.com/news/local/charles-george-va-medical-center-data-breach-asheville-north-carolina-veterans-affairs-personal-information-reported
  2. https://skillbridge.osd.mil/locations.htm
  3. https://www.foxcarolina.com/2023/07/09/va-medical-center-nc-notifies-veterans-email-breach/
  4. https://www.fairfaxcounty.gov
  5. https://www.citizen-times.com/story/news/local/2023/07/10/asheville-va-center-data-breach-veterans-personal-data-leaked/70397735007/
  6. https://www.nbcnews.com
  7. https://edwards.house.gov/media/press-releases/edwards-seeks-updates-charles-george-va-medical-center-data-breach
  8. https://www.sandiegouniontribune.com
  9. https://www.idstrong.com/sentinel/charles-george-va-medical-center-breach/
  10. https://www.foxnews.com/media
  11. https://www.healthleadersmedia.com/technology/charles-george-va-medical-center-nc-data-breach-reported-more-1500-veterans-impacted
  12. https://ksltv.com
  13. https://edwards.house.gov/sites/evo-subsites/edwards.house.gov/files/evo-media-document/081123-va-letter.pdf
  14. https://www.nytimes.com/2023/06/15/magazine/doctors-moral-crises.html
  15. https://www.idstrong.com/data-breaches/charles-george-va-breach/
  16. https://theconversation.com/us
Breach Submission Date Jul 11, 2023
Converted Entity Name Charles George Department of Veterans Affairs Medical Center
Converted Entity Type Healthcare Provider
State NC
Individuals Affected 1,541
Breach Type Unauthorized Access/Disclosure

Breach Information Location Email

Business Associate Present Yes