Ransomware on Steroids Hits London Hospitals

Cybercriminals have published sensitive patient information obtained from multiple London hospitals via an NHS blood testing company. The criminals published nearly 400GB of private information when attempts to extort money from the NHS provider since June 3rd had failed.

Data already published include patient names, dates of birth, NHS numbers, and descriptions of blood tests. They also published business account spreadsheets detailing financial arrangements between hospitals and GP services and Synnovis. More than 3,000 hospital visits, GP appointments, and operations were canceled because of the attack.

Ransomware hackers infiltrated Synnovis computer systems, used by two NHS trusts in London, encrypting information so that IT systems were useless. They also downloaded as much private data as possible to extort the company for a Bitcoin ransom payment, which Synnovis didn’t pay.

The gang is potentially based in Russia. They have stolen data from other healthcare entities, schools, companies, and councils worldwide.

Saira Ghafur, an expert in healthcare cyber security at Imperial College, London, indicated that we’re in an era in which we need to expect and plan for cyberattacks. It’s very much a “when,” not an “if.” Ghafur added that systems must be “resilient enough to take several shocks at the same time” as attacks become more common.