A gang of cyber criminals has caused chaos for multiple London hospitals by publishing sensitive data stolen from an NHS blood testing company. Qilin, the group behind the attack, has been trying to extort money from NHS provider Synnovis since they hacked the firm on 3 June. Despite their demands, Synnovis did not pay up, leading Qilin to release almost 400GB of private information on their darknet site and Telegram channel.
The leaked data includes patient names, dates of birth, NHS numbers, and descriptions of blood tests, raising concerns about privacy and security. Additionally, business account spreadsheets detailing financial arrangements between hospitals, GP services, and Synnovis were also exposed.
The fallout from the hack has been significant, with over 1000 hospital and GP appointments and operations affected by the disruption to pathology services. The ransomware attack encrypted vital information, rendering IT systems useless and causing widespread disruption.
Ransomware expert Brett Callow from Emsisoft highlighted the increasing targeting of healthcare organizations by cybercriminals, citing the potential for large payouts. Qilin, however, claimed their attack was a form of protest against the UK government for not providing enough support in an unspecified conflict.
Despite their claims of activism, Qilin has a history of extortion and has targeted various organizations worldwide for financial gain. The group, believed to be based in Russia, has refused to disclose their exact location or political allegiance.
The incident serves as a stark reminder of the ongoing threat posed by cybercriminals and the importance of robust cybersecurity measures to protect sensitive data and critical infrastructure. Law enforcement agencies continue to advise against paying ransoms, as it only fuels criminal activities and does not guarantee the safe return of stolen data.