In the recent security breach against Synnovis, a group of Russian hackers compromised records of 300 million patient interactions with the NHS and all of their sensitive data, such as blood test results for HIV and cancer. This cyber-attack has caused a great deal of concern to Synnovis, the NHS, and the patients affected.
View WhitepaperIn the recent security breach against Synnovis, a group of Russian hackers have compromised records of 300 million patient interactions with the NHS and all of their sensitive data, such as blood test results for HIV and cancer. This cyber-attack has caused a great deal of concern to Synnovis, the NHS, and the patients affected.
The attack, which is said to have been orchestrated by the Qilin hacking group, has prompted urgent action from Synnovis and NHS officials, who are now racing to establish a helpline to assist the growing number of concerned patients and healthcare staff impacted.
The cyberattack has affected seven hospitals managed by two NHS trusts, specifically targeting Synnovis, who provides vital pathology services, including blood tests and transfusions. Although it remains uncertain whether the breach is only confined to these hospitals or has had a broader impact on other hospitals at this moment in time.
In addition to the issues that were already ongoing, Qilin (the attackers) followed through on their threat to release the stolen data they’d obtained to the public after Synnovis reportedly refused to pay a £40 million ransom to them. As a result, the NHS is now dealing with confidential data that has been exposed, working to try and minimise the damage and protect the privacy of as many affected patients as possible.
The patient data that was publicised by Qilin, includes patient names and their dates of birth, as well as their NHS number and descriptions of blood tests that have been performed as reported by the BBC. Nearly 400GB of the confidential data was published on Thursday (20th June 2024).
What impact has the attack had?
Currently, the attack has impacted and caused delays and reschedules in the following as stated by NHS England London in their post made on the 20th of June.
What should you do?
NHS England London has said to continue using services as they normally would if they have concerns about or issues with their health.
They have asked people to not contact their GPs or hospitals to inquire as to whether their data was in the leak, as they do not hold the information.
Instead, they have an incident helpline number for those with questions surrounding the cyber-attack at: 0345 8778967