Britain's Biggest Hospital Held To Ransom

Britain's public sector has been confronted with a wave of ransomware attacks in recent months and now a notorious Russian cyber criminal  gang known as ALPHV, or BlackCat, has announced that it successfully infiltrated one of the UK’s largest hospital groups, threatening to expose a vast collection of confidential data.

The AlphV gang, also known as BlackCat, says it has stolen 70 terabytes of sensitive data in what it claims is the biggest breach of healthcare data in the UK.

Barts Health NHS Trust, which runs five London-based hospitals, was recently added to the Dark Web leak site of the ALPHV ransomware gang. Currently, it remains unclear whether the gang resorted to their ransomware tactics on the computers within the London hospitals, namely St. Bartholomew’s, the Royal London, Mile End, Whipps Cross, and Newham.

British cyber security agencies are investigating the attack, which has led to the exposure of private and confidential information. Staff at one of the UK's largest hospital groups have spent a nervous week wondering if private data, stolen from their employer's IT systems by a ransomware gang, is going to be posted online after a deadline to prevent publication passed.

Some personally identifiable information belonging to workers has already been leaked by the ransomware gang on its website as proof of the intrusion and exfiltration, including people's financial details, CVs, and copies of passports and driving licenses. It's not clear if or how much patient or medical data is involved.

Between 2022-2023 global healthcare sector experienced:

  • Over 271 million intrusion attacks
  • Over 11 million ransomware attempts (an 8% increase)
  • A 35% increase in encrypted threats
  • A 33% increase in IOT Malware

In comment SonicWall expert Spencer Starkey said "The healthcare sector continues to be a prime target for malicious actors as evidenced by the recent attack on Barts Health NHS Trust. Not only does this attack risk the potential for exposed patient data, but any significant IT issue that halts patient care poses an immediate threat to life"

“The ramifications of an attack on the healthcare sector can be disastrous and it's important to place the utmost amount of time, money and efforts on securing them."

The Register:    Bloomberg:    Techcrunch:     Times of India:   SlashDot:    Insurance Business:   GRIDINSOFT:  

You Might Also Read: 

Hackers Have Already Cost Medibank $26m:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

 

« Managing The Effects Of AI-Driven Cyber Attacks
Hollywood Stars Strike Over AI Human Replacements »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Tresorit

Tresorit

Tresorit helps teams to collaborate securely and easily by protecting their data with end-to-end encryption.

Axial

Axial

Axial Systems is one of the UK’s leading solution providers and systems integrators in network, security and services.

Resilient Information Systems Security (RISS)

Resilient Information Systems Security (RISS)

RISS is a research group is in the Department of Computing at Imperial College London.

DataVisor

DataVisor

DataVisor is a big data fraud detection and anti-money laundering solution.

Logscape

Logscape

Logscape provides a big data analytical tool for log file analysis and operational analytics.

AGAT Software

AGAT Software

AGAT Software is an innovative security provider specializing in external access authentication and data protection solutions.

Hunters.AI

Hunters.AI

Hunters is the world's first autonomous hunting solution that leverages top-tier cyber expertise and AI to uncover hidden cyber threats.

Riddle&Code

Riddle&Code

Riddle&Code is a product-led services company specializing in onboarding industries to Web3. The team's mission is to provide a trusted connection between the digital and physical worlds.

Vivitec

Vivitec

Vivitec security services are tailored for your business, industry, risk, technology, and size to ensure great protection and planned response for the inevitable cyber-attacks on your business.

SurePassID

SurePassID

SurePassID is a provider of highly secure, highly extensible multi-factor authentication (MFA) solutions.

Future Technology Systems Company (FutureTEC)

Future Technology Systems Company (FutureTEC)

FutureTEC is a leading Information Technology Solutions Provider, delivering world-class Information Security, Information Management, and Business Solutions.

SMARTEST

SMARTEST

SMARTEST is a world-class IT solutions provider active in the most challenging and demanding industries such as the oil and gas industries.

Trojan Horse Security

Trojan Horse Security

Trojan Horse Security are specialists in corporate security. Our services include: Comprehensive Cyber Security Analysis, Penetration Testing, Network Security and Security Audits.

ResilientX

ResilientX

ResilientX is an All-In-One Security Testing Platform designed to help MSPs and SMBs to perform their security testing and assessments without having to outsource IT.

Commission Nationale de l'Informatique et des Libertés (CNIL)

Commission Nationale de l'Informatique et des Libertés (CNIL)

The mission of CNIL is to protect personal data, support innovation, and preserve individual liberties.

Nokod Security

Nokod Security

Nokod Security delivers an application security platform for low-code / no-code custom applications and Robotic Process Automation (RPA).