NHS Trust Confirms Clinical Data Leaked by Recognized Ransomware Group

/in


NHS Dumfries and Galloway has confirmed that patient clinical data has been leaked online by a ransomware group following the attack on its systems earlier this month.

The statement by the Scottish NHS Trust dated March 27, 2024, revealed that clinical data relating to a small number of patients has been published by a “recognized ransomware group.”

The trust acknowledged that in the cyber-attack, which it first reported on March 15, the hackers accessed “a significant amount of data including patient and staff-identifiable information.”

It follows a threat by the ransomware group Inc Ransom  on its leak site that it will soon publish 3TB of data relating to NHS Scotland patients and staff unless its demands are met.

The threat actor also included a ‘proof pack’ in its post, which appeared to show a range of sensitive clinical documents, such as genetics reports and letters between doctors discussing patient treatments.

Trevor Dearing, director of critical infrastructure at Illumio, commented: “The methods used by INC Ransom are common among ransomware groups. Ransomware attacks against healthcare organizations are now multiple layers of extortion – cybercriminals will look to steal and leak sensitive data, as well as affect operational up-time. Stolen healthcare data can be sold on the dark web for a quick profit or used in identity fraud.”

NHS Helping Impacted Patients

NHS Dumfries and Galloway Chief Executive Jeff Ace said the service is making contact with patients whose data has been leaked at this point and will continue working to limit any sharing of this information.

“NHS Dumfries and Galloway is very acutely aware of the potential impact of this development on the patients whose data has been published, and the general anxiety which might result within our patient population,” he commented.

Ace acknowledged that the information has been released by the attackers to prove it is in their possession. He made no reference to any ransom demand made by the group.

“We absolutely deplore the release of confidential patient data as part of this criminal act,” he said.

Ace added: “We are continuing to work with Police Scotland, the…

Source…