Hackers Publish Stolen Blood Test Data From London Hospitals

The cybercrime group known as Qilin, who are believed to be Russian, have now published sensitive data stolen from an UK National Health Service (NHS) blood testing company Synnovis. 

The affected  NHS patients have had their names, dates of birth and other private information published online by the  hackers who targeted the blood testing firm which services major London hospitals.

The cyber attack has caused chaos in the capital after IT systems were effectively made useless, with the group demanding a £50 million ransom. Healthcare organisations are especially at risk of such attacks given the time-critical nature of systems they run, their role in patient care, as well as the fact that they hold large large amounts of highly personal information.

On the 20th June, Qilin published almost 400GB of the private information on their Darknet site. Services at large London hospitals including Guy's, St Thomas' and King's services were still being disrupted following the attack by hackers reportedly demanding ransom from Synnovis, a lab company which provides testing services.

Qirin has been trying to extort money from and NHS provider Synnovis after they hacked the firm on 3 June. The stolen data includes patient names, dates of birth, NHS numbers and descriptions of blood tests. It is not known if test results are included with the data. There are also accounting spreadsheets detailing financial arrangements between the hospitals, GP services and Synnovis.

The Synnovis incident is one of the worst cyber attacks ever in the UK with more than 3,000 hospital and GP appointments and operations affected by the disruption to pathology services.

The ransomware hackers infiltrated the computer systems of the company used by two NHS trusts in London and encrypted vital information making IT systems useless. They also downloaded as much private data as they could to further extort the company for a ransom payment in Bitcoin.

It is not known if Synnovis or its advisors have yet entered negotiations, however, the fact Qilin has published some, potentially all, of the data means that the company has not paid any ransom so far. Law enforcement agencies around the world typically urge victims of ransomware not to pay as it both rewards criminal enterprise and is  guarantee that the stolen data will be returned intact.

NHS England released a statement saying, “We understand that people may be concerned by this and we are continuing to work with Synnovis, the National Cyber Security Centre and other partners to determine the content of the published files as quickly as possible. This includes whether it is data extracted from the Synnovis system, and if so whether it relates to NHS patients.”

Andrew Hollister, CISO LogRhythm, commented "This latest development in the Synnovis cyberattack shows the far-reaching consequences that successful ransomware attacks have on their victims and how this extends beyond the initial target. The attack has not only put patient’s physical well-being at risk, but now we’re seeing highly sensitive personal details being compromised...   

 "Quite apart from the significant privacy implications, it also leaves affected individuals vulnerable to more targeted threats, such as phishing, due to the potential of this personal data getting into the wrong hands."      

There is nothing such as 100% secure, but one of the most important ways organizations can reduce risk is by doing the basics of cybersecurity right.

"Implementing two factor authentication, performing awareness training and establishing a regular program of patching and data back-ups are the foundations of a solid security program. The effects of ransomware attacks are often felt for years after the incident, and organisations should continually review their preparedness and take action to reduce risk as much as possible." Hollister said. 

Reuters   |   Standard   |   BBC   |   Techradar    |    Mail   |   Mail

Image: Unsplash

You Might Also Read: 

Spanish Healthcare Service Works On Resilience:

___________________________________________________________________________________________

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 


 

« Artificial Intelligence Is Changing Education 
Five Reasons Your Organization Needs API Security Testing »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Duo Security

Duo Security

Duo combines security expertise with a user-centered philosophy to provide two-factor authentication, endpoint remediation and secure single sign-on tools.

SafenSoft (SnS)

SafenSoft (SnS)

SafenSoft delivers high-efficiency, low-impact proactive protection against malware, insider threats, and confidential data leakage.

IXDen

IXDen

IXDen provides a novel software-based approach to OT systems protection, covering Industrial IoT cybersecurity and sensor data integrity.

M2SYS

M2SYS

M2SYS is a worldwide leader in identification and authentication solutions.

Transpere

Transpere

Transpere provides IT Asset Disposition (ITAD), Data Destruction, Electronic Recycling and Onsite Data Services.

Randstad

Randstad

Randstad provide outsourcing, staffing, consulting and workforce solutions in the USA across a wide range of job sectors including IT and cybersecurity.

WisePlant

WisePlant

WisePlant's portfolio of solutions and services includes process measurement, secure automation, industrial cybersecurity, functional safety and more.

ContraForce

ContraForce

ContraForce is a threat detection and response software providing complete visibility across cloud, network, endpoints, user, and email with the ability to target and block threats in real-time.

Evanssion

Evanssion

Evanssion is a value added distributor specialized in Cloud Native & Cyber Security across Middle East & Africa.

SpireTec Solutions

SpireTec Solutions

SpireTec Solutions is an IT management training company offering 1500+ courses with state of art training facilities backed by a team of industry experts in various domains including cybersecurity.

Mindcore Technologies

Mindcore Technologies

Mindcore provide cyber security services, managed IT services and IT consulting services to businesses in NJ, FL, and throughout the United States.

Ofcom

Ofcom

Ofcom is the UK's communications regulator. We regulate the TV, radio and video on demand sectors, fixed line telecoms, mobiles, postal services, plus the airwaves over which wireless devices operate.

Relatech

Relatech

Relatech is a Digital Enabler Solution Knowledge (D.E.S.K.) Company that offers digital services and solutions dedicated to the digital transformation of businesses.

Inholo

Inholo

Inholo offers tools to manage the risks of synthetic realities, starting with an AI-photo detection service.

Baselime

Baselime

Baselime, the cloud-native observability platform. Resolve issues in your cloud application before they become problems.

EGUARDIAN

EGUARDIAN

EGUARDIAN serves as a Value-Added Distributor and technology enabler in the APAC region with the aim of further expanding globally and cater to the needs of the demands with the emerging technology.