Stolen test data and NHS numbers published by hospital hackers

Cyber criminals have been trying to extort money from NHS provider Synnovis since they hacked the firm on 3 June.
27 June 2024
Image by CyberBeat

A gang of cyber criminals causing huge disruption to multiple London hospitals have published sensitive patient data stolen from an NHS blood testing company.

Overnight last Thursday, Qilin shared almost 400GB of the private information on their darknet site.

The gang has been trying to extort money from NHS provider Synnovis since they hacked the firm on 3 June.

Cyber security expert Ciaran Martin told the BBC it was "one of the most significant and harmful cyber attacks ever in the UK… And it could be several months before systems were restored.”

A sample of the data seen by the BBC includes patient names, dates of birth, NHS numbers and descriptions of blood tests. It is not known if test results are also in the data.

The hack has also resulted in more than 3,000 hospital and GP appointments and operations being disrupted.

Qilin previously told the BBC they would publish the data unless they got paid.

There are also business account spreadsheets detailing financial arrangements between hospitals and GP services and Synnovis.

NHS England told the BBC it was aware of the publication but could not be completely sure the shared data was real.

 

- CyberBeat

 

About CyberBeat

CyberBeat is a grassroots initiative from a team of producers and subject matter experts, driven out of frustration at the lack of media coverage, responding to an urgent need to provide a clear, concise, informative and educational approach to the growing fields of Cybersecurity and Digital Privacy.

Contact CyberBeat

If you have a story of interest, a comment, a concern or if you'd just like to say Hi, please contact us

Terms & Policies >>

Sponsors

We couldn't do this without the support of our sponsors and contributors.