cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

NRS Healthcare struck by RansomHub cyber attack

A ransomware attack has disrupted a UK healthcare equipment provider’s operations and taken some services offline.

user icon David Hollingworth
Wed, 08 May 2024
NRS Healthcare struck by RansomHub cyber attack
expand image

A manufacturer of independent living aids has been hit by a ransomware attack, disrupting some of its services and taking its website offline.

The attack occurred on 29 March – Good Friday – with NRS Healthcare reporting that all of its services – phone lines, email, and websites – were taken offline by the incident.

Ransomware group RansomHub has now taken responsibility for the attack in a post on its darknet leak site.


“On 30th of March 2024 the NRS Healthcare company was attacked with ransomware,” RansomHub said in its leak post. “More than 600k private documents was [sic] downloaded, including: Accounting, HR, Financial reports, Reception, Contracts and much more.”

“Company itself has offices in almost every state of United Kingdom. Every office was targeted and attacked.”

RansomHub claims to have 578 gigabytes of data.

According to the countdown on the RansomHub’s site, NRS Healthcare has less than eight days to pay the gang’s ransom demand. The gang has apparently posted proof of the attack, but that link is currently timing out.

In the meantime, NRS Healthcare has restored many of its operations but was forced to rebuild its entire network.

“Our technology infrastructure has been replaced, all our phone lines are operational, our service centres are all open, and stock ordering is reinstated,” an NRS spokesperson told news website THIIS on 18 April.

“Our focus has been on continuing to work to minimise disruption for service users, commissioners and prescribers. The websites are in the roadmap for the next phase on the recovery journey and expected soon.”

As of writing, however, NRS Healthcare’s site suggests the recovery is an ongoing process.

“NRS Healthcare has moved into recovery phase following the cyber security incident we experienced at the start of April. We would like to thank you for your continued support and patience and to apologise to all those who have been affected,” NRS’ website said.

All the company’s phone lines are up and working, however, as are NRS’ service centres.

“We continue to work tirelessly to restore full functionality safely and swiftly and to minimise disruption for service users, commissioners and prescribers,” NRS has said.

Cyber Daily has reached out to NRS Healthcare for further comment.

David Hollingworth

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.

cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.