Hackers Publish Stolen Blood Test Data From London Hospitals

The cybercrime group known as Qilin, who are believed to be Russian, have now published sensitive data stolen from an UK National Health Service (NHS) blood testing company Synnovis. 

The affected  NHS patients have had their names, dates of birth and other private information published online by the  hackers who targeted the blood testing firm which services major London hospitals.

The cyber attack has caused chaos in the capital after IT systems were effectively made useless, with the group demanding a £50 million ransom. Healthcare organisations are especially at risk of such attacks given the time-critical nature of systems they run, their role in patient care, as well as the fact that they hold large large amounts of highly personal information.

On the 20th June, Qilin published almost 400GB of the private information on their Darknet site. Services at large London hospitals including Guy's, St Thomas' and King's services were still being disrupted following the attack by hackers reportedly demanding ransom from Synnovis, a lab company which provides testing services.

Qirin has been trying to extort money from and NHS provider Synnovis after they hacked the firm on 3 June. The stolen data includes patient names, dates of birth, NHS numbers and descriptions of blood tests. It is not known if test results are included with the data. There are also accounting spreadsheets detailing financial arrangements between the hospitals, GP services and Synnovis.

The Synnovis incident is one of the worst cyber attacks ever in the UK with more than 3,000 hospital and GP appointments and operations affected by the disruption to pathology services.

The ransomware hackers infiltrated the computer systems of the company used by two NHS trusts in London and encrypted vital information making IT systems useless. They also downloaded as much private data as they could to further extort the company for a ransom payment in Bitcoin.

It is not known if Synnovis or its advisors have yet entered negotiations, however, the fact Qilin has published some, potentially all, of the data means that the company has not paid any ransom so far. Law enforcement agencies around the world typically urge victims of ransomware not to pay as it both rewards criminal enterprise and is  guarantee that the stolen data will be returned intact.

NHS England released a statement saying, “We understand that people may be concerned by this and we are continuing to work with Synnovis, the National Cyber Security Centre and other partners to determine the content of the published files as quickly as possible. This includes whether it is data extracted from the Synnovis system, and if so whether it relates to NHS patients.”

Andrew Hollister, CISO LogRhythm, commented "This latest development in the Synnovis cyberattack shows the far-reaching consequences that successful ransomware attacks have on their victims and how this extends beyond the initial target. The attack has not only put patient’s physical well-being at risk, but now we’re seeing highly sensitive personal details being compromised...   

 "Quite apart from the significant privacy implications, it also leaves affected individuals vulnerable to more targeted threats, such as phishing, due to the potential of this personal data getting into the wrong hands."      

There is nothing such as 100% secure, but one of the most important ways organizations can reduce risk is by doing the basics of cybersecurity right.

"Implementing two factor authentication, performing awareness training and establishing a regular program of patching and data back-ups are the foundations of a solid security program. The effects of ransomware attacks are often felt for years after the incident, and organisations should continually review their preparedness and take action to reduce risk as much as possible." Hollister said. 

Reuters   |   Standard   |   BBC   |   Techradar    |    Mail   |   Mail

Image: Unsplash

You Might Also Read: 

Spanish Healthcare Service Works On Resilience:

___________________________________________________________________________________________

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 


 

« Artificial Intelligence Is Changing Education 
Five Reasons Your Organization Needs API Security Testing »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Vade Secure

Vade Secure

Vade Secure provides protection against the most sophisticated email scams such as phishing and spear phishing, malware and ransomware.

Cybertrust Japan

Cybertrust Japan

Cybertrust Japan provides a comprehensive security certification and digital authentication service, enabling customers to build and manage highly secure IT infrastructures.

Apomatix

Apomatix

Apomatix is a platform that simplifies the complexity of cyber risk audit and management.

MadSec Security

MadSec Security

MadSec Security is a leading consulting company whose expertise are information and cyber security.

ReFoMa

ReFoMa

ReFoMa is a consultancy and advisory company with a focus on information Security.

Seconize

Seconize

Seconize empowers enterprises to proactively manage their cyber risks, prioritize remediations, optimize security spending and ensure compliance.

Innova

Innova

Innova is Turkey's leading IT solutions company, providing platform independent solutions to organizations in telecommunication, finance, production, public and service sectors.

DataPassports

DataPassports

DataPassports is a data-centric security and privacy solution that enforces privacy and security from end-to-end with transparent protection of data at the source.

StateRAMP

StateRAMP

StateRAMP reduces risk from unsecure cloud solutions and protects data by providing State and local governments a standardized approach for verifying and monitoring security postures.

CYMOTIVE Technologies

CYMOTIVE Technologies

Combining Israeli cyber innovation with a century of German automotive engineering. CYMOTIVE operates under the assumption that connectivity is a game changer for the automotive industry.

MindWise

MindWise

MindWise is a comprehensive global threat monitoring solution with implementations for fraud prevention and enterprise threat intelligence.

Punk Security

Punk Security

Punk Security are specialists in integrating security into DevOps pipelines, enabling rapid and secure development.

Proximus Ada

Proximus Ada

Proximus Ada is the first Belgian center of excellence combining artificial intelligence and cybersecurity.

DIGISOC

DIGISOC

DIGISOC, a leader in Latin America in Cybersecurity solutions, combines machine learning with human intelligence to be effective in detecting cyber threats.

MyTurn Career LLC

MyTurn Career LLC

Looking for a rewarding career in cybersecurity? Explore a wide range of cybersecurity jobs and opportunities in this rapidly evolving field.

5S Technologies

5S Technologies

5S Technologies is a regional IT solutions and services provider based in Cary, NC and serving the Carolinas.