On 3 June [3] [6], the ransomware group Qilin targeted Synnovis, a UK-based medical testing provider, in a cyber attack that resulted in the exposure of sensitive data.
Description
Over 400GB of data [1] [2], including patient information such as names, dates of birth [1] [5] [6] [7], NHS numbers [1] [2] [5] [6] [7], blood test details, and financial records outlining agreements between hospitals, GP services [1] [2] [6], and Synnovis [1] [2] [4] [5] [6] [7] [8], was disclosed on the darknet and Telegram by Qilin. This breach may only represent a portion of the total data stolen. The incident led to the loss of 20,000 blood samples, disrupting clinical operations and causing delays in over 3,300 elective surgeries and outpatient appointments [7]. NHS England [1] [2] [4] [5] [8], in conjunction with the National Crime Agency and National Cyber Security Centre [3] [8], is actively investigating the breach and analyzing the compromised files. Synnovis is collaborating with NHS Trusts and GP practices to identify affected samples and inform patients [7]. A helpline has been established for patient inquiries, with a recommendation for patients to continue seeking medical care as usual. NHS England is providing updates through Synnovis’ investigation and the NHS Digital website [8].
Conclusion
The breach at Synnovis has had significant repercussions, including the destruction of critical medical samples and disruptions to patient care. Efforts are underway to mitigate the impact, with investigations ongoing and support being provided to affected individuals. This incident underscores the importance of robust cybersecurity measures in safeguarding sensitive healthcare data and highlights the need for continued vigilance in the face of evolving cyber threats.
References
[1] https://www.independent.co.uk/news/uk/home-news/nhs-cyber-attack-synnovis-russia-b2566424.html
[2] https://www.infosecurity-magazine.com/news/synnovis-publish-nhs-patient-data/
[3] https://digital.nhs.uk/news/synnovis-cyber-incident
[4] https://www.forbes.com/sites/katherinehignett/2024/06/21/hackers-publish-400gb-of-data-after-london-hospital-cyber-attack/
[5] https://www.computerweekly.com/news/366589583/Qilin-ransomware-gang-publishes-stolen-NHS-data-online
[6] https://news.sky.com/story/nhs-cyber-attack-sensitive-data-stolen-from-blood-test-provider-in-cyber-attack-by-criminal-group-published-online-13154539
[7] https://siliconangle.com/2024/06/21/hackers-leak-data-stolen-uk-medical-testing-provider-synnovis/
[8] https://www.england.nhs.uk/2024/06/synnovis-cyber-attack-statement-from-nhs-england/