UK health authorities have confirmed that sensitive data from a ransomware attack that caused significant disruption at several London hospitals has been published online. The cyberattack, which occurred earlier this month, targeted the service supplier Synnovis and severely impacted blood transfusion services, leading to the cancellation of hundreds of appointments and operations.
The attack affected major hospitals, including King’s College Hospital and Guy’s and St Thomas’ Hospital, both situated in central London. NHS England announced that the cybercriminal group responsible for the attack had released the stolen data online. This development was reported by the BBC, which identified the Russian cybercriminal group Qilin as the perpetrators. They reportedly shared nearly 400 gigabytes of data on their darknet site and Telegram channel, including patient names, dates of birth, NHS numbers, and blood test descriptions.
READ ALSO
Health Minister Confident in Nigeria Health Sector Renewal Investment Initiative
Synnovis, a company specializing in pathology tests on blood samples primarily in southeast London, was targeted in the cyberattack on June 3. NHS England is collaborating with Synnovis, the National Cyber Security Centre, and other partners to quickly ascertain the content of the published files and address the concerns of affected individuals.
“We understand that people may be concerned by this and we are continuing to work with Synnovis, the National Cyber Security Centre, and other partners to determine the content of the published files as quickly as possible,” NHS England stated.
The publication of such sensitive information poses significant risks to patient privacy and the integrity of healthcare services. The ongoing efforts aim to mitigate the impact of this breach and enhance security measures to prevent future incidents.