CVS Group PLC has reported a recent cyber incident involving unauthorized external access to a limited number of its IT systems. The company took immediate steps to isolate the issue and temporarily took its IT systems offline to prevent wider unauthorized access. Specialist third-party consultants have been engaged to investigate the nature and extent of the incident. The incident has caused operational disruption in the UK, but efforts have been made to continue providing high levels of clinical care to clients and patients.
The company has proactively informed relevant authorities, including the Information Commissioner's Office, due to the risk of malicious access to personal information. While IT services to practices and business functions have been restored across the majority of the estate, increased security and monitoring may result in ongoing operational impact. Operations outside the UK and non-CVS hosted systems remain unaffected.
As a result of the incident, CVS Group PLC is accelerating its plans to migrate its practice management system and related IT infrastructure to the Cloud to enhance security and deliver operational efficiencies. The forensic analysis is ongoing, and the company will continue to take necessary steps to protect its business. The Group will provide a further update in due course.
CVS Group PLC expressed gratitude to its colleagues for their support and professionalism in maintaining veterinary services throughout the incident. The company operates approximately 500 veterinary practices across the UK, Australia, the Netherlands, and the Republic of Ireland, with a focus on providing high-quality clinical services to clients and their animals.