DXS International is a British technology company that provides healthcare workflow solutions to the NHS.
According to a notice by DXS to the London Stock Exchange, the company said that on 14 December, it detected unauthorised access to its office servers.
“Once discovered, the data security breach was immediately contained by means of a joint effort by DXS’s internal IT security teams in close cooperation with NHS England,” the company said.
“The board has appointed an external cyber security specialist agency whose thorough investigations are underway to establish the nature and extent of the incident.”
The company did not comment on whether or not any data was stolen or if there were any observed cases of data being used maliciously in the fallout of the cyber attack.
However, DXS has said that impact on its services and its frontline clinical services “remain unaffected and operational”.
It also said that it does not expect the incident to have any material negative impact on its financial position in the market or its forecast for the fiscal year ending 30 April 2026.
“The company has notified the relevant regulators, authorities, and law enforcement agencies, including the Information Commissioner’s Office, and various NHS bodies and is fully cooperating with their investigations,” DXS added.
“The company will inform the market if there are any notifiable changes to the situation.
“The directors of DXS International plc accept responsibility for this announcement.”
While DXS International has not mentioned the threat actor behind the incident, a ransomware organisation by the name of DEVMAN listed DXS Systems on its dark web leak site.
DXS Systems, which appears to be the operating entity of DXS International, was listed a day after the incident on 15 December.
While DEVMAN has not listed any details of the incident, it has claimed to have exfiltrated 300 gigabytes of data from the company and is threatening to release it on 20 December AEST.
Daniel Croft