Hackers Publish Stolen Blood Test Data From London Hospitals

Uploaded on 2024-06-21 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Health & Welfare

The cybercrime group known as Qilin, who are believed to be Russian, have now published sensitive data stolen from an UK National Health Service (NHS) blood testing company Synnovis. 

The affected  NHS patients have had their names, dates of birth and other private information published online by the  hackers who targeted the blood testing firm which services major London hospitals.

The cyber attack has caused chaos in the capital after IT systems were effectively made useless, with the group demanding a £50 million ransom. Healthcare organisations are especially at risk of such attacks given the time-critical nature of systems they run, their role in patient care, as well as the fact that they hold large large amounts of highly personal information.

On the 20th June, Qilin published almost 400GB of the private information on their Darknet site. Services at large London hospitals including Guy's, St Thomas' and King's services were still being disrupted following the attack by hackers reportedly demanding ransom from Synnovis, a lab company which provides testing services.

Qirin has been trying to extort money from and NHS provider Synnovis after they hacked the firm on 3 June. The stolen data includes patient names, dates of birth, NHS numbers and descriptions of blood tests. It is not known if test results are included with the data. There are also accounting spreadsheets detailing financial arrangements between the hospitals, GP services and Synnovis.

The Synnovis incident is one of the worst cyber attacks ever in the UK with more than 3,000 hospital and GP appointments and operations affected by the disruption to pathology services.

The ransomware hackers infiltrated the computer systems of the company used by two NHS trusts in London and encrypted vital information making IT systems useless. They also downloaded as much private data as they could to further extort the company for a ransom payment in Bitcoin.

It is not known if Synnovis or its advisors have yet entered negotiations, however, the fact Qilin has published some, potentially all, of the data means that the company has not paid any ransom so far. Law enforcement agencies around the world typically urge victims of ransomware not to pay as it both rewards criminal enterprise and is  guarantee that the stolen data will be returned intact.

NHS England released a statement saying, “We understand that people may be concerned by this and we are continuing to work with Synnovis, the National Cyber Security Centre and other partners to determine the content of the published files as quickly as possible. This includes whether it is data extracted from the Synnovis system, and if so whether it relates to NHS patients.”

Andrew Hollister, CISO LogRhythm, commented "This latest development in the Synnovis cyberattack shows the far-reaching consequences that successful ransomware attacks have on their victims and how this extends beyond the initial target. The attack has not only put patient’s physical well-being at risk, but now we’re seeing highly sensitive personal details being compromised...   

 "Quite apart from the significant privacy implications, it also leaves affected individuals vulnerable to more targeted threats, such as phishing, due to the potential of this personal data getting into the wrong hands."      

There is nothing such as 100% secure, but one of the most important ways organizations can reduce risk is by doing the basics of cybersecurity right.

"Implementing two factor authentication, performing awareness training and establishing a regular program of patching and data back-ups are the foundations of a solid security program. The effects of ransomware attacks are often felt for years after the incident, and organisations should continually review their preparedness and take action to reduce risk as much as possible." Hollister said. 

Reuters   |   Standard   |   BBC   |   Techradar    |    Mail   |   Mail

Image: Unsplash

You Might Also Read: 

Spanish Healthcare Service Works On Resilience:

___________________________________________________________________________________________

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 


 

« Artificial Intelligence Is Changing Education 
Five Reasons Your Organization Needs API Security Testing »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Scale Computing

Scale Computing

Scale Computing is an industry leading application platform for EDGE computing environments covering retail, manufacturing, financial services and government.

ProPay

ProPay

ProPay provides secure payment solutions for organizations ranging from small businesses to large enterprises requiring complex payment solutions.

Sintef Digital

Sintef Digital

Sintef Digital carries out research in Information and Communication Technology for industry and the public sector.

Bright Machines

Bright Machines

Bright Machines delivers intelligent, software-defined manufacturing by bringing together our flexible factory robots with intelligent software, production data and machine learning.

ZEBOX

ZEBOX

ZEBOX is an international incubator & accelerator of innovative startups. Focus is on Transport/Logistics and Industry X.0 including technologies such as AI, Blockchain and Cybersecurity.

Illuma Labs

Illuma Labs

Illuma Labs delivers real-time voice authentication and fraud prevention solutions.

Internet Crime Complaint Center (IC3)

Internet Crime Complaint Center (IC3)

The Internet Crime Complaint Center provide the public with a reporting mechanism to submit information to the FBI concerning suspected Internet-facilitated criminal activity.

Sollensys

Sollensys

Sollensys is a leader in commercial blockchain applications. Our flagship product, The Blockchain Archive Server™ is the best defense against the devastating financial loss that ransomware causes.

Armexa

Armexa

Armexa is a leading provider of advanced industrial cybersecurity solutions that protect your critical OT and ICS infrastructure against ever-changing threats.

Cyber Chasse

Cyber Chasse

Cyber Chasse is an IT consulting and staffing company offering a full range of cybersecurity solutions, contract staffing services and online training courses.

Clearvision

Clearvision

As an Atlassian Platinum Solution Partner, Clearvision works with teams in the UK and US, providing solutions for the Atlassian stack, Git and open source tooling.

Wadilona Cyber Securities

Wadilona Cyber Securities

Wadilona Cyber Securities' sole aim is to bring and secure Information and Communications Technology (ICT) to and work for humans in its simplest terms.

Solcon Capital

Solcon Capital

Solcon Capital is a forward-looking, technology-focused investment firm that is committed to identifying and investing in the most promising areas of innovation and development in the tech industry.

Gomboc.ai

Gomboc.ai

Gomboc solve cloud infrastructure security policy deviations by providing tailored remediations to the IaC (Infrastructure as Code).

Iron Mountain

Iron Mountain

Iron Mountain Incorporated is a global business dedicated to storing, protecting and managing, information and assets.

Toro Solutions

Toro Solutions

Toro provide managed security & consultancy to keep governments, businesses & society resilient in the space where cyber, physical & people security converge.