Hackers Publish Stolen Blood Test Data From London Hospitals

The cybercrime group known as Qilin, who are believed to be Russian, have now published sensitive data stolen from an UK National Health Service (NHS) blood testing company Synnovis. 

The affected  NHS patients have had their names, dates of birth and other private information published online by the  hackers who targeted the blood testing firm which services major London hospitals.

The cyber attack has caused chaos in the capital after IT systems were effectively made useless, with the group demanding a £50 million ransom. Healthcare organisations are especially at risk of such attacks given the time-critical nature of systems they run, their role in patient care, as well as the fact that they hold large large amounts of highly personal information.

On the 20th June, Qilin published almost 400GB of the private information on their Darknet site. Services at large London hospitals including Guy's, St Thomas' and King's services were still being disrupted following the attack by hackers reportedly demanding ransom from Synnovis, a lab company which provides testing services.

Qirin has been trying to extort money from and NHS provider Synnovis after they hacked the firm on 3 June. The stolen data includes patient names, dates of birth, NHS numbers and descriptions of blood tests. It is not known if test results are included with the data. There are also accounting spreadsheets detailing financial arrangements between the hospitals, GP services and Synnovis.

The Synnovis incident is one of the worst cyber attacks ever in the UK with more than 3,000 hospital and GP appointments and operations affected by the disruption to pathology services.

The ransomware hackers infiltrated the computer systems of the company used by two NHS trusts in London and encrypted vital information making IT systems useless. They also downloaded as much private data as they could to further extort the company for a ransom payment in Bitcoin.

It is not known if Synnovis or its advisors have yet entered negotiations, however, the fact Qilin has published some, potentially all, of the data means that the company has not paid any ransom so far. Law enforcement agencies around the world typically urge victims of ransomware not to pay as it both rewards criminal enterprise and is  guarantee that the stolen data will be returned intact.

NHS England released a statement saying, “We understand that people may be concerned by this and we are continuing to work with Synnovis, the National Cyber Security Centre and other partners to determine the content of the published files as quickly as possible. This includes whether it is data extracted from the Synnovis system, and if so whether it relates to NHS patients.”

Andrew Hollister, CISO LogRhythm, commented "This latest development in the Synnovis cyberattack shows the far-reaching consequences that successful ransomware attacks have on their victims and how this extends beyond the initial target. The attack has not only put patient’s physical well-being at risk, but now we’re seeing highly sensitive personal details being compromised...   

 "Quite apart from the significant privacy implications, it also leaves affected individuals vulnerable to more targeted threats, such as phishing, due to the potential of this personal data getting into the wrong hands."      

There is nothing such as 100% secure, but one of the most important ways organizations can reduce risk is by doing the basics of cybersecurity right.

"Implementing two factor authentication, performing awareness training and establishing a regular program of patching and data back-ups are the foundations of a solid security program. The effects of ransomware attacks are often felt for years after the incident, and organisations should continually review their preparedness and take action to reduce risk as much as possible." Hollister said. 

Reuters   |   Standard   |   BBC   |   Techradar    |    Mail   |   Mail

Image: Unsplash

You Might Also Read: 

Spanish Healthcare Service Works On Resilience:

___________________________________________________________________________________________

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 


 

« Artificial Intelligence Is Changing Education 
Five Reasons Your Organization Needs API Security Testing »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

BH Consulting

BH Consulting

BH Consulting we are a vendor independent consulting firm providing market leading range of information security services focused on data protection and cybersecurity.

Security Current

Security Current

Security Current's proprietary content and events provide insight, actionable advice and analysis giving executives the latest information to make knowledgeable decisions.

Government Communications Headquarters (GCHQ)

Government Communications Headquarters (GCHQ)

GCHQ defends Government systems from cyber threat, provide support to the Armed Forces and strive to keep the public safe, in real life and online.

SafeCharge

SafeCharge

SafeCharge is a global provider of technology-based multi-channel payments services and risk management solutions for demanding businesses.

Ergon Informatik

Ergon Informatik

Ergon Informatik AG is Switzerland's leading provider of customised software solutions and software products including fraud detection and the Airlock web security suite.

iSolutions

iSolutions

iSolutions is an official reseller and engineering company of leading products and solutions for cybersecurity and information protection, optimization, visualization and control of applications

Partners in Regulatory Compliance (PIRC)

Partners in Regulatory Compliance (PIRC)

Partners in Regulatory Compliance provides an array of cybersecurity services including cybersecurity policy management, risk assessments and regulatory compliance consulting.

Securd

Securd

Securd takes opportunities away from your cyber adversaries. Cloud-delivered zero-trust DNS firewall and web filtering protection keep your business network and remote employees safe.

Police CyberAlarm

Police CyberAlarm

Police CyberAlarm is a free tool to help members understand and monitor malicious cyber activity. This service is made up of two parts; monitoring and vulnerability scanning.

Celera Networks

Celera Networks

Celera Networks is a managed services provider specializing in cybersecurity, cloud and managed IT services.

Resourcive

Resourcive

Resourcive is the first Value Added Sourcing “VAS” consultancy. We deliver strategic IT sourcing solutions to mid-market and enterprise clients.

Infisign

Infisign

Infisign addresses the challenges of traditional IAM systems and offers a comprehensive solution for modern identity management.

COPA-DATA

COPA-DATA

COPA-DATA is the only independent software manufacturer to combine in-depth experience in automation with new possibilities of digital transformation – reliable, future-proof and operating worldwide.

Technation

Technation

Technation proudly represents the Canadian technology companies that are furthering our nation and the world into the future through innovation, creativity and ingenuity.

2021.AI

2021.AI

2021.AI serves the growing business need for full oversight and management of applied AI.

Genix Cyber

Genix Cyber

Genix Cyber provides world-class cybersecurity services that protect systems, cloud applications, infrastructure, critical data, and networks from evolving cyber threats.