Cyberattack on London hospitals leads to data leak
The disruption has brought to light the significant vulnerabilities within healthcare infrastructure to cyber threats.
Cybercriminals claiming responsibility for the recent hack on London hospitals have reportedly released stolen data from the incident. England’s National Health Service (NHS) acknowledged the publication of this data, allegedly belonging to Synnovis, the pathology provider targeted in the 3 June attack. NHS officials are working closely with Synnovis, the National Cyber Security Centre, and other partners to verify the content of these files swiftly. Their focus includes determining if the data originates from Synnovis systems and if it pertains to NHS patients.
According to reports, the hackers have disclosed nearly 400GB of data on their darknet website and Telegram channel. The published information supposedly includes patient names, dates of birth, NHS numbers, and descriptions of blood tests, alongside financial spreadsheets. However, the NHS has not confirmed whether medical test results are part of the exposed data.
The attack has been attributed to the Russian-speaking hacker group Qilin, which has demanded a $50 million ransom to halt further disclosures. Synnovis, a provider jointly operated by Synlab UK & Ireland and NHS trusts, is crucial in delivering lab testing services to healthcare facilities in London and Kent. The breach has severely impacted its blood transfusion and testing capabilities, leading to the postponement of over 1,000 operations and more than 2,000 appointments at affected hospital units.