Get all your news in one place.
100’s of premium titles.
One app.
Start reading
Evening Standard
Evening Standard
World
Josh Salisbury

London hospitals hackers publish stolen NHS blood test data on dark web

A hacker gang behind a cyberattack who targeted an NHS blood testing company which threw services at major London hospitals into disarray has published stolen data online.

Qilin, a cyber criminal group thought to be based in Russia, hacked firm Synnovis on June 3 in an extortion bid, significantly reducing the tests that can be carried out at both King’s College Hospital Trust and Guy’s and St Thomas’ Trust.

Overnight on Thursday, the group published almost 400GB of data reportedly stolen in the hack on the dark web.

The BBC reported it included patient names, NHS numbers and dates of birth. The leak is being probed by police.

It is not currently known if test results are included in the data, but the cache reportedly does include business accounts showing financial transactions between Synnovis and hospitals.

An NHS England spokesperson said it was “aware” that data claimed to have been stolen in the hack was published online on Thursday night.

“We understand that people may be concerned by this and we are continuing to work with Synnovis, the National Cyber Security Centre and other partners to determine the content of the published files as quickly as possible,” said a spokesperson.

“This includes whether it is data extracted from the Synnovis system, and if so whether it relates to NHS patients.”

So far, 1,134 operations and 2,194 outpatient appointments have been postponed at King’s College Hospital Trust and Guy’s and St Thomas’ Trust since June 3.

Of the postponed elective procedures, around 184 were postponed cancer treatments, according to NHS data.

The attack has also severely impacted GPs in south and south east London, who are unable to carry out routine blood tests.

In an update on Thursday, Dr Chris Streather, Medical Director for NHS London, said the hack was continuing to have a significant impact on services.

“Although we are seeing some services operating at near normal levels and have seen a reduction in the number of elective procedures being postponed, the cyber-attack on Synnovis is continuing to have a significant impact on NHS services in South East London,” he said.

“Having treatment postponed is distressing for patients and their families, and I would like to apologise to any patient who has been impacted by the incident, and staff are continuing to work hard to re-arrange appointments and treatments as quickly as possible.”

Synnovis was formed from a partnership between SynLab UK and Ireland, Guy’s and St Thomas’ NHS Foundation Trust and King’s College Hospital NHS Foundation Trust.

In 2021, it was announced that SynLab would partner with the NHS to deliver pathology services at hospitals and GP services across south-east London.

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.