Russian hackers publish NHS patients' details and blood test results online after London hospital cyber attack
21 June 2024, 13:03
A hacker gang, behind a cyberattack which targeted an NHS blood testing company has published the stolen data on the dark web.
Listen to this article
Loading audio...
The attack has caused significant disruption at both King’s College Hospital Trust and Guy’s and St Thomas’ Trust, by reducing the number of tests that could be carried out.
So far, 1,134 operations and 2,194 outpatient appointments have been postponed.
The gang named Qilin, who claimed responsibility for the attack, has been trying to extort money from NHS provider Synnovis since they hacked the firm on 3rd June.
Synnovis, a pathology laboratory which processes blood tests on behalf of a number of NHS organisations is where the data was allegedly stolen from.
Read more: Hundreds of operations and appointments cancelled in week after NHS cyber attack
Qilin published 400GB of private information last night and NHS England has been made aware of the attack but say they cannot be sure the shared data is real.
Thought to be based in Russia, Qilin, demanded a ransom payment in Bitcoin, but the fact the data has been means Synnovis did not pay.
It is unknown if Synnovis entered negotiations with the hackers or how much money they demanded.
This is inline with Law enforcement agencies who urge victims to not pay ransom as it does not guarantee the criminals will do as they promise and it could further fuel criminal enterprises.
The NHS has released a statement saying: “We understand that people may be concerned by this and we are continuing to work with Synnovis, the National Cyber Security Centre and other partners to determine the content of the published files as quickly as possible.
“This includes whether it is data extracted from the Synnovis system, and if so whether it relates to NHS patients.
“As more information becomes available through Synnovis’ full investigation, the NHS will continue to update patients and the public.”
According to reports the stolen data included private information such as patient names, dates of births, NHS numbers and descriptions of blood tests.
It is currently unknown if blood test results are also in the data.
Meanwhile, Synnovis said: "We know how worrying this development may be for many people. We are taking it very seriously and an analysis of this data is already underway."
The hack has been one of the worst cyber-attacks in the UK causing over 1,000 hospital and GP appointments and operations being affected by the disruption.
Qilin claim to have deliberately targeted Synnovis as an act of protest and a way to punish the UK for not helping enough in an unspecified war.
This has drawn scepticism, as their site says to have leaked stolen data from other healthcare organisations, schools, companies and councils around the world for money.
Qilin posts adverts for hackers to join its criminal service in Russian.
It is rare for hackers to be arrested in Russia as the government refuses to co-operate with Western law enforcement requests.
