Ransomware Gang Claims “Biggest Ever” NHS Data Breach
Last week, a notorious group of cyber criminals, known as ALPHV or BlackCat, made an announcement on their website declaring their successful acquisition of 70 terabytes of internal documents from the Barts Health NHS Trust. The predominantly Russian-speaking gang has issued a serious ultimatum, demanding a ransom payment to prevent the public release of the stolen data.
According to TechCrunch, this is the largest healthcare data breach in the history of the UK. Efforts are underway to assess the extent of the breach, which includes employee IDs, such as passports, driver's licenses, and “internal emails labeled confidential.”
Barts Health NHS Trust has officially acknowledged the security breach and has initiated an investigation into the matter. While the trust has not refuted the claims made by ALPHV regarding the stolen information, the National Cyber Security Centre (UK's cybersecurity agency) is actively involved in the investigation.
It is particularly concerning as it marks the second data breach within the NHS in recent weeks, underscoring the vulnerability of healthcare organizations to cyber threats.
TechCrunch contacted Ben Robinson, a spokesperson from the University of Manchester, to comment on the reported theft of NHS data. While declining to comment specifically on the NHS data breach, Robinson confirmed that the university had encountered a security incident resulting in unauthorized data extraction from its systems. "On June 23, we confirmed that our systems had been breached, leading to the copying of student and alumni data," stated Robinson.
He further mentioned that individuals affected by the cyber incident had been notified and offered assistance and guidance to enhance their data security. Robinson emphasized that the university's internal data experts and external support are diligently working day and night to address the incident and mitigate its consequences.