Cybercriminals have published data containing patient information following a ransomware attack that caused chaos at several major London hospitals, officials have stated.
Hackers hit pathology firm Synnovis, which provider blood tests to a network of hospitals and clinics in the U.K. capital, on June 3.
This initial attack made it impossible to provide numerous services, including organ transplants, at several sites across central and southeast London.
On Friday, the BBC reported a cyber gang called Qilin had published some 400 gigabytes of stolen data, including patient names, health system registration numbers and descriptions of blood tests, as well as finanacial information about Synnovis. It’s not clear if test results have been shared.
Qilin claims the data belongs to Synnovis. The group previously said they would post the information online if they didn’t get paid, the BBC states.
Public bodies including public health system, the National Health Service, the National Crime Agency and the National Cyber Security Centre say investigations into the attack are ongoing.
NHS England said in a statement on Friday: “We understand that people may be concerned by this and we are continuing to work with Synnovis, the National Cyber Security Centre and other partners to determine the content of the published files as quickly as possible. This includes whether it is data extracted from the Synnovis system, and if so whether it relates to NHS patients.”
Hospitals are still reeling from the June 3 attack, with Synnovis still unable to process most blood tests. At the time, one hospital source told industry publication HSJ it would take “weeks, not days” to restore services.
Earlier this week, the firm said it’s currently sending non-urgent tests to other labs to prioritise the most acute patients.
“Our plan for the restoration of services is comprehensive and well underway, running in parallel to the forensic investigation being led by external specialists. Every available resource is focused on this plan,” CEO Mark Dollar said in a statement on Monday.
“Progress has been made, and I am confident momentum will continue to gain pace given the extraordinary efforts of our colleagues and partners in supporting clinicians and their patients during such a disruptive time.”
Cybersecurity expert Saira Ghafur from Imperial College London told the BBC she thought this was “probably one of the most significant cyber attacks on the NHS.”
“This will all have quite a severe impact in the delivery of patient care, which we’ll see impacted for an ongoing couple of weeks.”
Affected sites include King’s College Hospital in Denmark Hill, south London, Guy’s Hospital near London Bridge and St Thomas’s Hospital in Westminster. Located directly opposite the Houses of Parliament, St Thomas’s gained international attention when it treated former prime minister Boris Johnson for Covid-19 during the pandemic.
