NHS England has announced that a cyber criminal group allegedly published data from a ransomware attack on NHS provider Synnovis.

According to reports, Synnovis, which provides pathology services on blood tests, mainly in south-east London was the victim of a cyber attack, understood to be carried out by Russian group Qilin on 3 June.

Stolen data

“NHS England has been made aware that the cyber criminal group published data last night which they are claiming belongs to Synnovis and was stolen as part of this attack,” said NHS England in a statement.

The attack has caused major delays, with hundreds of operations and appointments still being cancelled two weeks after the incident.

“We understand that people may be concerned by this and we are continuing to work with Synnovis, the National Cyber Security Centre and other partners to determine the content of the published files as quickly as possible,” added NHS England.

“This includes whether it is data extracted from the Synnovis system, and if so whether it relates to NHS patients.”

The BBC says, the cyber criminal group shared almost 400GB of data – including patient names, dates of birth, NHS numbers and descriptions of blood tests – on their darknet site and Telegram channel.

Analysis underway

“We know how worrying this development may be for many people,” said Synnovis in a statement.

“We are taking it very seriously and an analysis of this data is already under way.”

More Security News