Qilin, a ransomware gang, has recently released nearly 400GB of sensitive healthcare data online following a cyber attack on the pathology laboratory Synnovis. This attack affected NHS organizations in London, leading to disruptions in patient care due to blood stock shortages, delays in medical procedures, and cancelled appointments.
NHS England is currently working with Synnovis, the National Cyber Security Centre, and other partners to investigate the content of the data that was published by Qilin. The released information includes patient names, dates of birth, NHS numbers, and descriptions of blood tests. It is yet to be determined if test results are included in the data as well.
The ransomware gang had previously threatened to publish private information online unless a ransom was paid. Despite the UK government’s policy of not allowing public sector organizations to pay ransoms, Synnovis, being a private sector entity, may have the option to negotiate with the attackers.
Healthcare organizations remain prime targets for ransomware attacks due to the critical nature of the services they provide. Supply chain attacks are also increasing in prevalence, posing a significant cyber security risk to the healthcare sector.
In 2023, Qilin was responsible for eight confirmed attacks, and this year they have claimed over 30. Their ransomware operation uses double extortion tactics to pressure victims, spreading primarily through phishing emails and exploiting vulnerabilities in applications and interfaces.
Earlier this year, Qilin targeted The Big Issue, a UK-based publisher and social enterprise, stealing sensitive information such as personnel data and financial records. The ongoing threat of ransomware attacks highlights the importance of robust cybersecurity measures in the healthcare industry.