British NHS Trusts Hit By Major Cyberattack: Data Stolen  

Uploaded on 2025-06-02 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Health & Welfare

The UK National Health Service (NHS) has confirmed that University College London Hospitals NHS Foundation Trust and  the  University Hospital Southampton NHS Foundation Trust have suffered a cyberattack, leading to data theft.

NHS officials have expressed serious concerns that patient data may have been compromised.  

This was not a ransomware attack. Instead, hackers exploited a vulnerability in Ivanti Endpoint Manager Mobile (EPMM) - a program used to manage employee phones. This flaw was first discovered on 15 May, and although Ivanti has since patched it, cybersecurity experts warn that systems previously exposed may still be **at risk**.  

What Data Was Compromised?*  
Analysts believe that hackers accessed staff phone numbers, IMEI numbers, and authentication tokens. These details could allow attackers to gain deeper access, potentially exposing patient records and sensitive hospital networks.  

Global Impact  
The cyberattack is part of a larger breach, with victims identified across Scandinavia, the UK, US, Germany, Ireland, South Korea, and Japan, according to cybersecurity firm EclecticIQ. The UK’s National Cybersecurity Centre (NCSC) is working with NHS officials to analyze the extent of the breach and strengthen security measures.

Suspected Origin of Attack
Cybersecurity researchers have traced the hacking activity to an IP address based in China. The tactics used mirror previous attacks carried out by China-based actors, although authorities are still investigating who the exact perpetrators might be.  

This incident highlights the urgent need for robust cybersecurity measures in healthcare. Hospitals and medical institutions remain high-value targets.

EclecticIQ   |    Sky   |    LBC  

Image: kaboompics

You Might Aslo Read: 

Chinese Hackers Exploiting Ivanti Connect Secure Vulnerability:

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« Introducing Modern SecOps, a more realistic alternative to the “autonomous SOC” 
Cartier Confirms Customer Data Exposure »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Pervade Software

Pervade Software

Pervade Software is a global provider of dedicated compliance tracking software with monitoring & reporting capabilities.

Palo Alto Networks

Palo Alto Networks

Palo Alto Networks, the global cybersecurity leader, is shaping the cloud-centric future with technology that is transforming the way people and organizations operate.

Absolute Software

Absolute Software

Absolute provides persistent endpoint security and data risk management solutions for mobile devices - computers, tablets, and smartphones.

GrammaTech

GrammaTech

GrammaTech is a leading developer of software-assurance tools and advanced cyber-security solutions.

Keyfactor

Keyfactor

Keyfactor is a leader in cloud-first PKI as-a-Service and crypto-agility solutions. Our Crypto-Agility Platform seamlessly orchestrates every key and certificate across the enterprise.

Sogeti

Sogeti

Sogeti deliver solutions that enable digital transformation and offer cutting-edge expertise in Cloud, Cybersecurity, Digital Manufacturing, Quality Assurance, Testing, and emerging technologies.

NATO Communications and Information Agency (NCIA)

NATO Communications and Information Agency (NCIA)

The NCIA Cyber Security Service Line is responsible for planning and executing all life cycle management activities for cyber security.

Terranova Security

Terranova Security

Terranova is dedicated to providing information security awareness programs customized to your internal policies and procedures.

Cyfirma

Cyfirma

CYFIRMA offers Cyber threat visibility and intelligence suite and services aimed at keeping your organization’s cybersecurity posture up-to-date.

Digi International

Digi International

Digi is a leading global provider of mission-critical and business-critical machine-to-machine (M2M) and Internet of Things (IoT) connectivity products and services.

The Legal 500

The Legal 500

The Legal 500 Hall of Fame highlights, to clients, the law firm partners who are at the pinnacle of the profession. Practice areas covered include Data Protection, Privacy and Cybersecurity.

Africa ICS Cyber Security Conference

Africa ICS Cyber Security Conference

Africa's largest ICS Cyber Security Conference and Expo. The only platform that will proudly present top level B2B and B2C networking opportunities.

Dataprovider.com

Dataprovider.com

Our Brand Protection Suite gives you the tools to discover trademark infringement on the Internet, such as websites selling counterfeit products, even when this is not immediately noticeable.

Institute for Pervasive Cybersecurity - Boise State University

Institute for Pervasive Cybersecurity - Boise State University

Boise State University’s Institute for Pervasive Cybersecurity is a leader of innovative cybersecurity research and advancement in Idaho and the region.

Green Radar

Green Radar

Green Radar is a next generation cybersecurity company which combines technologies and services together to deliver Threat Detection for Emails and Deep Threat Analytics and Response.

Crisis24

Crisis24

Crisis24 is a leading integrated risk management, crisis response, consulting, and global protective solutions firm.