noodls browser compatibility check

The security settings of your browser are blocking the execution of scripts.

To use noodls, javascript support must be enabled. Please change your browser's security settings to enable javascript.

If you have changed your browser's security settings, you can click here.

related announcements

News

Nuvalent Inc.

Nuvalent Highlights Presentation of Clinical Data at ESMO 2024 for[...]
GAVI Alliance

Forgotten pandemic: The cholera emergency in five charts
Pfizer Inc.

Pfizer’s BRAFTOVI® + MEKTOVI® Shows Long Term Clinically Meaningful[...]

U.S. Department of Veterans Affairs

09/13/2024 | News release | Distributed by Public on 09/13/2024 07:41

Lesson learned worth heeding: Use Multi-Factor Authentication

With recent data breaches nationwide, government and industry are looking at "how did they happen and what contributed to the breaches?" The answers are important. Learning from them will help us be better prepared in the future.

One common theme emerging with recent breaches is lack of multi-factor authentication (MFA) on accounts. MFA is a critical cybersecurity tactic requiring users to provide additional information beyond username and password to confirm their identity when signing into their online accounts. For example, requiring a user to also enter a unique code sent to their smartphone when signing in to add another layer of user authentication and protection against malicious actors gaining access to their account and information.

Missing MFA can have widespread consequences

The Change Healthcare security breach earlier this year is one example of bad consequences that occur when MFA is missing.

In May 2024 before Congress, UnitedHealth Group's Chief Executive Officer stated, "Unfortunately, in this situation, there was a server which did not have MFA, and it was used by the hackers to penetrate into Change Healthcare."

The Change Healthcare incident reportedly affected 77% of health care in the U.S., leaving some patients having to pay large amounts of money out of pocket for their medications because the pharmacy couldn't process their claims or their co-pay coupons.

For Veterans, as soon as VA became aware of the breach of Change Healthcare-one of our vendors-we promptly disconnected from all known systems associated with them. We restored impacted capabilities to ensure Veteran access to care. Community providers serving Veterans continued to receive payments.

Take-aways for all

All government agencies, Department staff, industry, Veterans and other users can learn from this lesson. Be sure you have MFA on all your accounts. For an overview, check out this short Multi-Authentication video.

A total 97 percent of VA staff are already using multi-factor authentication (MFA) to verify their identity before they can log in to VA systems, and we restrict access to Veteran data to only VA staff with a need-to-know basis for delivering services to the Veteran. We are closing the gap to make this 100 percent.

For individual consumers, patients, Veterans, caregivers and family members, we hope you're applying this lesson, too.

If you need more help, call your institution (such as your bank, email provider customer service line) or ask a trusted and tech-savvy family member or friend how to do so.

Sharing and Personal Tools

Please select the service you want to use:

Back

View original format