[ad_1]
Ransomware hackers continued their attack on NHS organizations across the UK by compromising several hospitals, exposing sensitive patient data, and disrupting emergency services.
Inc Ransom, the prolific Russia-linked ransomware group that claimed responsibility for an attack on NHS Scotland earlier this year, now claims to have compromised Alder Hey Children’s Hospital Trust, one of Europe’s largest children’s hospitals.
In a post on its dark web leak site, Inc Ransom claims to have stolen patient records, donor reports and procurement data spanning 2018 to 2024 from Alder Hey. Samples of the allegedly stolen data seen by TechCrunch include records containing sensitive health information about patients, along with personally identifiable information, such as dates of birth and addresses.
In a statement Published on Wednesday, Alder Hey — Which first confirmed the cybersecurity incident on November 28 – She said she had determined that hackers had compromised the “digital portal service” that many hospitals use to access their systems. This gave hackers access to data from the Children’s Hospital, along with data from Liverpool Heart and Chest Hospital and Royal Liverpool University Hospital, the statement said.
“The attacker claimed to have extracted data from the affected systems,” Alder Hey said in his statement on Wednesday. “We continue to take this case seriously while investigations into whether the attacker may have obtained confidential data continue.”
Alder Hey says its hospital services have not been affected and continue to operate normally, but warns there is a possibility that attackers could “publish data before our investigation is complete”.
Separately, Wirral University Teaching Hospital – located just miles from Alder Hey – was targeted by a ransomware attack, forcing the hospital last week to declare a “major incident” after shutting down its systems.
Wirral Teaching Hospital is responsible for a group of hospitals across the northwest of England, including Arrowe Park Hospital, Clatterbridge Hospital and Wirral Women’s and Children’s Hospital.
The disruption caused by the cyberattack, which no major ransomware group has yet claimed, continues. In a statement Posting on its website on Wednesday, the Wirral Hospital Foundation said that while it works to restore its clinical systems, some services “will continue to be affected”.
“Emergency treatment is being prioritized but waiting times are still likely to be longer than usual in our emergency department and assessment areas,” the foundation said. “We urge all members of the public to only attend the emergency department in cases of true emergency.”
The NHS has long been an attractive target for ransomware hackers. Earlier this year, the health service declared a “serious” incident after a cyberattack on pathology services provider Synnovis led to a massive data breach and months of disruption, including the cancellation of operations and the transfer of emergency patients. The Qilin ransomware gang, which claimed responsibility for the attack, also leaked 400GB of sensitive data that was allegedly stolen from Synnovis, including highly sensitive patient details.
The UK government has not commented on the attacks, but last year it published a report Five pillars strategy It aims to make the NHS more resilient to cyber attacks by 2030. This came just months after the cyber attack on Advanced, an IT services provider, which caused widespread disruption to NHS services across the UK.
The UK government said it will also introduce a Cybersecurity and Resilience Bill to Parliament in 2025, which will mandate reporting of ransomware attacks.
[ad_2]