A ransomware group that claims it holds 3 terabytes of stolen NHS patient and staff data has threatened to publish the data unless the health agency meets their demands.
In a brazen effort to amplify the extortion attempts against the NHS, the cybercriminals have even disclosed a so-called “proof pack” of their successful attack and exfiltration efforts on their leak platform, including confidential information on some patients.
The data, published on March 26, was also analyzed by BBC investigative reporters who found the documents included screenshots of referral letters and medical reports of patients with severe diagnoses from and before 2019.
These documents contain both the names and addresses of patients and highly sensitive medical details.
Earlier this month, NHS Dumfries and Galloway (NHS DG) confirmed a cyberattack that prompted the agency to begin an extensive investigation and assess the risks of attackers acquiring patient and employee information.
On March 27, NHS has confirmed that it “is aware that clinical data relating to a small number of patients has been published by a recognised ransomware group”.
“This follows a recent focused cyber attack on the Board’s IT systems, when hackers were able to access a significant amount of data including patient and staff-identifiable information,” the health agency said.
NHS DG is still investigating the breach to learn how much information was stolen in the attack. It does not believe any patient's health information has been removed or altered.
“While some information has been illegally copied from NHS DG records, and has now been leaked, NHS DG and other agencies have carried out careful checks of our systems, and we are confident that your records have not been tampered with.”
The agency is urging patients to remain vigilant since it is very likely the cybercriminals will leverage the stolen information in targeted cyberattacks.
As such, patients should:
Personal health information is highly sought after on dark web marketplaces, as it enables fraudsters to:
If you want to be proactive about your digital and financial safety, use Bitdefender Digital Identity Protection.
Our dedicated identity protection service is packed with handy features that enable data breach victims to find out if their personal information has been leaked online in real-time.
On top of 24/7 data breach alerts, you can benefit from the industry's first Identity Protection Score to help you understand the extent of the breach and how it can impact you and receive actionable advice to immediately minimize risk and safeguard your well-being.
tags
Alina is a history buff passionate about cybersecurity and anything sci-fi, advocating Bitdefender technologies and solutions. She spends most of her time between her two feline friends and traveling.
View all postsNovember 14, 2024
September 06, 2024