UK health authorities reported that sensitive data from a ransomware attack causing significant disruptions at London hospitals was published online on Friday.
The cyberattack, which targeted service provider Synnovis earlier this month, particularly impacted blood transfusions, resulting in the cancellation of hundreds of appointments and operations.
Major hospitals such as King’s College Hospital and Guy’s and St Thomas’ in central London were among those affected. NHS England has been informed that the cybercriminal group released data they claim belongs to Synnovis and was taken during the attack.
The body that runs the state-run National Health Service (NHS) in England said, “NHS England has been made aware that the cybercriminal group published data last night, which they claim belongs to Synnovis and was stolen as part of this attack.”
The BBC reported that the Russian cybercriminal group Qilin disclosed nearly 400 gigabytes of data, including patient names, dates of birth, NHS numbers, and blood test descriptions, on their darknet site and Telegram channel.
Synnovis, a pathology testing provider for blood samples in southeast London, fell victim to a cyberattack on June 3. NHS England mentioned, “We understand that people may be concerned by this and we are continuing to work with Synnovis, the National Cyber Security Centre, and other partners to swiftly determine the content of the published files.”