UK battles hacking wave as ransomware gang claims ‘biggest ever’ NHS breach

/in


The U.K.’s largest NHS trust has confirmed it’s investigating a ransomware incident as the country’s public sector continues to battle a rising wave of cyberattacks.

Barts Health NHS Trust, which runs five London-based hospitals and serves more than 2.5 million patients, was recently added to the dark web leak site of the ALPHV ransomware gang. The gang, also known as BlackCat, says it has stolen 70 terabytes of sensitive data in what it claims is the biggest breach of healthcare data in the United Kingdom.

Samples of the allegedly stolen data, seen by TechCrunch, include employee identification documents, including passports and driver licenses, and internal emails labeled “confidential.”

When asked by TechCrunch, a Barts Health spokesperson did not dispute that it was affected by a security incident that involved the exfiltration of data, nor did they dispute the legitimacy of the stolen data samples shared by ALPHV. “We are aware of claims of a ransomware attack and are urgently investigating,” the spokesperson, who did not provide their name, told TechCrunch.

ALPHV, which first listed Barts Health on June 30, wrote that the NHS Trust had three days to contact the gang to prevent the publication of data, “most of it citizens [sic] confidential documents.” At the time of writing, the full trove of allegedly stolen data has not been published.

This incident is the second breach of NHS data in recent weeks. As first reported by the Independent, a June ransomware attack on the U.K.’s University of Manchester saw hackers access an NHS dataset that holds information on 1.1 million patients across 200 hospitals. The compromised data — gathered by the university for research purposes — includes NHS numbers and the first three letters of patients’ postcodes, according to reports.

When asked by TechCrunch, University of Manchester spokesperson Ben Robinson declined to comment on the reported theft of NHS data, but confirmed that the university had experienced a security incident that led to the exfiltration of data from its systems.

“We confirmed on 23 June that our systems have been accessed and student and alumni data has been copied. Individuals have…

Source…