UPDATED 14:52 EDT / JUNE 21 2024

SECURITY

Hacking group Qilin leaks data stolen from UK medical testing provider Synnovis

A ransomware gang has reportedly published 400 gigabytes of data stolen from Synnovis, a UK-based provider of medical testing services.

The U.K.’s healthcare system, the National Health Service, said today that law enforcement agencies are working to verify the data. “The National Crime Agency and National Cyber Security Centre are working to verify the data included in the files published by the criminals,” the NHS detailed in a statement. “These files are not simple uploads and so investigations of this nature are highly complex and can take weeks if not longer to complete.”

Synnovis is a joint venture between the NHS and Synlab AG, a Munich-based provider of medical testing services. It processes blood tests for four London hospitals. A ransomware attack on June 3 saw a hacker group download data from the company’s network and disrupt some of its internal systems.

The hacker group, which is known as Qilin, on Thursday leaked about 400 gigabytes of data it stole in the breach. A subset of the records analyzed by the BBC was found to contain patients’ names, dates of birth, NHS numbers and descriptions of blood tests. Additionally, the leaked data trove reportedly includes spreadsheets with information about transactions between hospitals, general practitioner and Synnovis.

The NHS stated that there is no indication the hackers gained access to its email system. “However, we would remind you that you will not receive unexpected contact from the NHS asking for personal or financial information,” it cautioned.

Besides stealing data, the hackers also disrupted some of Synnovis’ clinical operations. On June 14, 11 days after the breach, the NHS stated that about 1,500 elective surgeries and outpatient appointments had to be delayed because of the breach. On Thursday, officials detailed that this number more than doubled to about 3,300.

“Unprocessed samples were made safe by Synnovis and stored in their labs,” the NHS detailed today. “However, due to the time that has now lapsed, some of these samples are no longer suitable for analysis and will need to be discarded. Synnovis is working with the NHS Trusts and GP practices to determine which samples are affected and the process for informing patients.”

The NHS has set up a helpline to answer patients’ questions about the breach. It also launched a webpage that will display updates on what information was compromised in the breach.

The Synnovis breach represents the latest in a series of high-profile cyberattacks against healthcare organizations.

Last month, U.S. health system Ascension disclosed that a cyberattack had disrupted some of its clinical operations. Earlier, hackers leaked data stolen from a unit of UnitedHealth Group Inc., the largest health insurer in the U.S. The latter breach temporarily left many doctors unable to process medical claims or fill prescriptions. 

Photo: Raxpixel

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU