UK’s largest NHS trust targeted in ransomware attacks

The UK’s largest NHS trust has fallen victim to a ransomware attack in what could be the country’s biggest breach of healthcare data.

TechCrunch says Barts Health NHS Trust has been targeted by the ALPHV ransomware gang – also known as BlackCat – which has stolen 70 terabytes of sensitive data.

Barts Health NHS Trust runs five London-based hospitals and serves more than 2.5 million patients.

Samples of the allegedly stolen data, seen by TechCrunch, include employee identification documents, including passport and driver’s licences, and “confidential” emails.

A Barts Health spokesperson did not deny the trust was impacted by a security incident that involved the exfiltration of data, nor the legitimacy of the stolen data samples shared by ALPHV.

“We are aware of claims of a ransomware attack and are urgently investigating,” the spokesperson, told the publication.

ALPHV first listed Barts Health on the dark web on June 30, reportedly wrote that the trust had three days to contact the gang to prevent the publication of “most of it citizens [sic] confidential documents.”

Spate of attacks on public sector

In June a ransomware attack on the University of Manchester saw hackers access an NHS dataset that holds information on 1.1 million patients across 200 hospitals. The compromised data — gathered by the university for research purposes — includes NHS numbers and the first three letters of patients’ postcodes, according to reports.

And last month NHS England has reported a breach of patient data following the Capita cyberattack.

Tackling the rise wave of attacks on healthcare and across the public sector, the government announced a new strategy to protect NHS from cyberattacks in March.

NHS organisations need to comply with version five of the Data Security Protection Toolkit (DSPT). This updated regulation requires that all NHS organisations have vulnerability management in place and, ultimately, learn from previous cyber incidents or near misses.