The UK's public health service (NHS) revealed on Friday that sensitive medical data of British patients was published following a cyber attack targeting a provider earlier this month, which continues to disrupt operations in major hospitals in London. The service announced that "the National Health Service in England was informed that a group of cybercriminals published data on Thursday evening claiming it belongs to the supplier Synnovis, stolen during this attack."
Russian Group Involved
The BBC reported that the Russian group "Killin," involved in cyber crimes, is behind this attack. The BBC noted that the group released nearly 400 gigabytes of data, including patient names, birth dates, NHS registration numbers, and blood test details, on Thursday night on a dedicated site on the dark web and through their Telegram channel.
The NHS stated: "We understand this may raise concerns, and we continue to work with Synnovis, the National Cyber Security Centre, and other partners to report the contents of the published files as soon as possible" and verify that they are indeed data from Synnovis.
Widespread Service Impact
It is noted that the significant cyber attack executed on June 3 against this blood testing company had a "major impact" on many services, including blood transfusions. Operations at central London hospitals, including King's College, Guys, and St Thomas', were also affected, with thousands of appointments and surgeries canceled over the past two weeks.