NHS confirms patient data stolen in cyberattack

25 June 2024 , 11:26
612     0
NHS confirms patient data stolen in cyberattack
NHS confirms patient data stolen in cyberattack

NHS England has confirmed its patient data managed by blood test management organisation Synnovis was stolen in a ransomware attack on 3 June.

Qilin, a Russian cyber-criminal group, shared almost 400GB of private information on their darknet site on Thursday night, something they threatened to do in order to extort money from Synnovis.

In a statement, NHS England said there is "no evidence" that test results have been published, but that "investigations are ongoing".

More than 3,000 hospital and GP appointments were disrupted by the attack.

"Patients should continue to attend their appointments unless they have been told otherwise and should access urgent care as they usually would," NHS England said.

A sample of the stolen data seen by the BBC includes patient names, dates of birth, NHS numbers and descriptions of blood tests, something cyber security expert Ciaran Martin told the BBC was "one of the most significant and harmful cyber attacks ever in the UK."

There are also business account spreadsheets detailing financial arrangements between hospitals and GP services and Synnovis being taken.

The ransomware hackers infiltrated the computer systems of the company, which is used by two NHS trusts in London, and encrypted vital information making IT systems useless.

As is often the case with cyber-criminals, they also downloaded as much private data as they could to further extort the company for a ransom payment in Bitcoin.

It is not known how much money the hackers demanded from Synnovis or if the company entered negotiations. But the fact Qilin has published some, potentially all, of the data means they did not pay.

The cyber-attackers told the BBC on an encrypted messaging service they had deliberately targeted Synnovis as a way to punish the UK for not helping enough in an unspecified war.

In NHS England’s statement it said it "continues to work with Synnovis and the National Crime Agency".

NHS England said it had set up a helpline to support people impacted by the attack and it will continue to share updates, but "investigations of this type are complex and take time".

Emma Davis

Cyber Crime And Hacking, Cyber attacks, Patients, NHS England

Read more similar news:

14.01.2023, 21:29 • News
Patients phoning 111 forced to wait up to 14 hours to speak to a doctor
31.01.2024, 11:05 • News
Are you happy to see a pharmacist instead of a GP? Take poll and have your say
06.02.2024, 15:52 • News
Most prefer to see GP instead of pharmacist in new NHS shake-up - poll results
27.06.2024, 15:42 • News
E.coli outbreak: One person dies and 275 infected from supermarket sandwiches
05.11.2024, 21:29 • News
NHS bosses criticize "rip-off" rates for doctor overtime
18.04.2023, 23:01 • Crime
Russian hackers 'trying to black out Britain' by targeting power stations
07.06.2023, 10:09 • Crime
Russian hackers in ultimatum to Brits working at Boots, BBC and British Airways
09.08.2023, 08:39 • Politics
Russians blamed for cyber attack that put details of 40 million voters at risk
07.09.2023, 16:21 • World
Russian web gangsters named by UK and US for hacking hospitals during Covid
18.12.2023, 13:49 • Crime
Decades-old computer law 'hampering UK's battle against cyber attacks'