Data from a ransomware attack has been allegedly published online weeks after the attack halted operations and tests in major London NHS hospitals, NHS England has said. Synnovis, a private pathology firm that analyses blood tests for Guy’s and St Thomas’ NHS foundation trust (GSTT) and King’s College trust, on 3 June, fell victim to a cyber-attack believed to have been carried out by a Russian group, forcing hospitals in the capital to cancel almost 1,600 operations and outpatient appointments. “NHS England has been made aware that the cyber-criminal group published data last night which they are claiming belongs to Synnovis and was stolen as part of this attack,” a statement from NHS England said on Friday.
“We know how worrying this development may be for many people. We are taking it very seriously.” In the attack, hackers from the Russian-based ransomware criminal group Qilin infiltrated Synnovis’s IT system, locked the computer system by encrypting its files to extort a payment for restoring access, it is understood.
The partnership between the trusts and Synnovis, vital to the health service’s smooth-running, have contracts totalling just under £1.1bn. NHS England said an analysis of the data was under way with the health service, the National Cyber Security Centre and other partners to confirm whether the data was taken from Synnovis’s systems and what information it contained.
It remains unclear whether Qilin has stolen NHS patient data alongside.