Data from hacked London NHS hospitals allegedly published online

June 21, 2024



NHS England has confirmed that it is looking into claims that a cyber-criminal group has published data from a ransomware attack on NHS provider Synnovis.

According to reports, Synnovis, which provides pathology services on blood tests mainly in south-east London, was the victim of a cyberattack, understood to be carried out by Russian group Qilin on 3 June.

Stolen data

“NHS England has been made aware that the cyber criminal group published data last night which they are claiming belongs to Synnovis and was stolen as part of this attack,” said NHS England in a statement.

The attack has caused major delays, with hundreds of operations and appointments still being cancelled two weeks after the incident.

“We understand that people may be concerned by this and we are continuing to work with Synnovis, the National Cyber Security Centre and other partners to determine the content of the published files as quickly as possible,” added NHS England.

“This includes whether it is data extracted from the Synnovis system, and if so whether it relates to NHS patients.”

The BBC says the cyber criminal group shared almost 400GB of data – including patient names, dates of birth, NHS numbers and descriptions of blood tests – on their darknet site and Telegram channel.

Analysis underway

“We know how worrying this development may be for many people,” said Synnovis in a statement.

“We are taking it very seriously and an analysis of this data is already under way.”

More Security News

Read Next

Security Journal UK

Subscribe Now

£99.99 for each year
No payment items has been selected yet