Security News > 2022 > October > LockBit 3.0 malware forced NHS tech supplier to shut down hosted sites

LockBit 3.0 malware forced NHS tech supplier to shut down hosted sites
2022-10-14 08:32

Advanced, a managed software provider to the UK National Health Service, has confirmed that customer data was indeed lifted as part of the attack by cyber baddies that has disrupted operations for months.

The incident disrupted healthcare customers, forcing NHS 111 medical services operators, for example, to revert back to pen and paper as digital services went AWOL, sources told us at the time.

Advanced has now informed those customers, as is its legal duty, of the "Exfiltrated data." The company's incident update says no data was taken from the other products it hosts, and it has "Recovered the limited amount of data" that the crooks swiped from the infected systems.

Microsoft and Mandiant, hired by Advanced, have confirmed the malware strain deployed in the attack was LockBit 3.0, the latest version of the ransomware released in June.

Advanced is understood to have 36 NHS clients that provide service thousands of healthcare professionals.

Undertaking an assurance process to rebuild affected health and care services, overseen by Britain's National Cyber Security Centre, the NHS and NHS Digital, "Took longer than expected" and "Impacted our overall recovery time", the incident report says.


News URL

https://go.theregister.com/feed/www.theregister.com/2022/10/14/nhs_software_hosting_provider_advanced_ransomware_lockbit/