The Minneapolis Veterans Affairs Medical Center has experienced two distinct and significant data breaches within a seven-month period, revealing multifaceted vulnerabilities in its data protection protocols.
On June 24, 2025 the Minneapolis VA Medical Center confirmed a data breach incident, in which unauthorized personnel accessed and disclosed veterans’ patient information. This data breach primarily exposed information on paper and in films. This sort of a breach is especially concerning, because it raises questions about the physical security of our veterans’ confidential records.
The center reported that the latest data breach has affected at least 1,099 individuals whose medical records were stored according to the VA’s protocol. “The incident has prompted an urgent evaluation of data protection practices within the organization.”
In November of 2024, a cyberdata breach affected this same facility. A malicious party encrypted and potentially copied over 600 veterans documents with sensitive information, including full names, medical records and social security numbers. At the time the documents were being managed by DBP, Inc. who “shut down the server disconnected from the internet, purchased new hardware, and created new security controls on the equipment.” According to WCCO News, DBP and the federal officials are working together to ensure proper security measures have been put in place to prevent future cyber attacks.
Both of these incidents highlight where vulnerabilities exist in the VA’s cybersecurity and its internal physical record management. The combined impact of these breaches demonstrates the importance of needing not only good cybersecurity, but also the importance of protecting and safely storing physical files. In the digital age it is easy to forget that attacks can come in a physical form as well– whether someone takes physical files or steals a computer.
As you complete your annual HIPAA Security Risk Audit with the TLD Systems tools, you will find that we help you to close potential vulnerabilities to not only cyberattacks, but to nefarious parties gaining physical access to your computers and to your paper records.
If you have not updated your policies, procedures and protocols in the past year please contact TLD Systems to complete your annual update. If you have not used TLD Systems in the past please contact us to see how we can provide a cost effective tool to assist with your annual Security Risk Audit, You will find that the money you spend to have us assist you will save you time and money in the long run over trying to do this yourself.
For more information contact TLD Systems at
(631) 403 6687
Read Comments