Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

UK hospital cyber attack affects 2.5m

Cyber attackers have stolen the data of millions after they attacked an organisation responsible for running a number of London hospitals.

user icon Daniel Croft
Fri, 14 Jul 2023
UK hospital cyber attack affects 2.5m
expand image

Hackers from the ALPHV (or BlackCat) ransomware group attacked the Barts Health NHS Trust, a group responsible for five hospitals taking care of over 2.5 million people.

The healthcare group was listed on the ransomware gangs’ dark web leak site, where the hackers said they had stolen seven terabytes of data and posted samples.

The sample includes a range of personal employee documents, including passports, driver’s licenses, and some confidential internal emails.

============
============

The gang also said it had access to financial reports, client credit card information, insurance details and “much more”.

Barts Health NHS trust, which is the largest National Health Service trust in the UK, has said that no patient data has been published and that it has begun an investigation.

“We have established that a handful of documents were illegally published on the dark web by ALPHV, but no patient data was published,” said a spokesperson speaking with the Information Age.

“A criminal investigation is underway, and we are working closely with NHS England and other experts, including the National Crime Agency and Information Commissioner’s Office.”

ALPHV has claimed that this is the biggest breach the UK health system has ever seen and that Barts has a three-day window to get in contact with them, assumingly to pay a ransom request.

“This is the most bigger leak from health care system in UK,” ALPHV said on its dark web post.

“You have three days for contact with us.

“If you prefer keep silence, we will start publicate data, most of it – citizens confidential documents.”

Barts Health NHS Trust neither confirmed nor denied whether the breach was a ransomware attack or if it had contacted ALPHV regarding a ransom payment.

ALPHV is the hacking group behind the notorious HWL Ebsworth attack. The attack, which occurred earlier in the year, has claimed a number of high-profile organisations and government bodies, including the Office of the Australian Information Commissioner (OAIC) and the Australian Federal Police (AFP), among many others.

HWL Ebsworth has since secured a court order to prevent the ALPHV from using any of the stolen data, a move that is unlikely to work, according to a ransomware researcher for New Zealand security firm Emsisoft, Brett Callow.

“New Zealand’s Waikato District Health Board and the Irish Health Service Executive are among the other organisations to have taken similar courses of action, and it’s a somewhat risky strategy,” he told New Zealand publication ITWire.

“On the one hand, the injunction may dissuade casual looky-loos from accessing the data and also stop reporters from using it as the basis for stories.

“On the other hand, it’s unlikely to stop ALPHV from releasing the data and may actually provoke them into releasing it more quickly or distributing it more widely than they otherwise would.”

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.