Cyber Hackers Leak Sensitive NHS Blood Test Data
A group of cyber criminals has caused massive disruption to several London hospitals by publishing sensitive information they stole from an NHS blood testing company. On Thursday night, the gang known as Qilin shared nearly 400GB of private data on their darknet site and Telegram channel. They have been trying to extort money from NHS provider Synnovis since they hacked the company on June 3.
Stolen Data Details
The stolen data includes patient names, dates of birth, NHS numbers, and descriptions of various blood tests. It is not yet clear if the test results are also included. Business account spreadsheets detailing the financial relationships between hospitals, GP services, and Synnovis are also part of the leaked data.
NHS Response
NHS England confirmed they are aware of the data leak and are working with Synnovis and the National Cyber Security Centre to understand the full extent of the published files. This investigation will determine if the data relates to NHS patients.
Synnovis expressed their concern:
- "We know how worrying this development may be for many people. We are taking it very seriously and an analysis of this data is already underway."
Impact of Cyber Attack
The Synnovis hack has been one of the most severe cyber-attacks in the UK, affecting over 1,000 hospital and GP appointments and operations due to disruption in pathology services. The ransomware hackers managed to infiltrate the company’s computer systems, encrypting vital information and making IT systems unusable. They downloaded as much private data as possible to demand a ransom payment in Bitcoin. However, as Qilin has published some, potentially all, of the data, it's clear that no payment was made.
Expert Opinion
Ransomware experts advise against paying the ransom as it supports criminal activities without any guarantee of compliance from the hackers. Expert Brett Callow noted:
- “Cybercriminals go where the money is and, unfortunately, the money is in attacking the healthcare sector.”
Qilin’s Motivations
On Tuesday night, Qilin claimed they targeted Synnovis to punish the UK for not supporting enough in an unspecified war. While Qilin has a history of extorting money from various organizations, they claimed this cyber-attack was a form of protest.
- “We are very sorry for the people who suffered because of it. Herewith we don’t consider ourselves guilty and we ask you don’t blame us in this situation. Blame your government.”
Despite these claims, Qilin’s motives are met with skepticism as they have previously leaked stolen data from other organizations for financial gains. The group, believed to be based in Russia, would not disclose their exact location for "security reasons".
Conclusion
This cyber-attack and the subsequent data leak emphasize the increasing threat faced by healthcare organizations and the critical importance of robust cyber security measures to protect sensitive patient information. The Synnovis hack serves as a stark reminder that cybercriminals continue to pose a significant threat to public health and safety.
