Security News
NHS Dumfries and Galloway has confirmed that a "Recognised ransomware group" was able to "Access a significant amount of data including patient and staff-identifiable information," and has published "Clinical data relating to a small number of patients." "NHS DG still holds the original files and they have not been altered or deleted. Some information has been copied and leaked. NHS DG will contact everyone whose information is known to have been leaked. We are still investigating how much information has been stolen. Unfortunately we cannot yet rule out that more information will be leaked in the future," the board said.
NHS Scotland says it managed to contain a ransomware group's malware to a regional branch, preventing the spread of infection across the entire institution.The INC Ransom group this week claimed responsibility for the assault on 'NHS Scotland', saying it stole 3TB worth of data while leaking a small number of sensitive files.
The INC Ransom extortion gang is threatening to publish three terabytes of data allegedly stolen after breaching the National Health Service of Scotland. In a post yesterday, the cybercriminals shared multiple images containing medical details and said that they would leak data "Soon," unless the NHS pays a ransom.
As one of hundreds of NHS trusts in the country, Barts manages five hospitals in the capital and says it serves about 2.5 million people. The criminals behind the attack are the notorious BlackCat crew, aka AlphaV, who have lately made a habit of going after healthcare providers in search of sensitive data.
In a classic email snafu NHS Highland sent messages to 37 patients infected with HIV and inadvertently used carbon copy instead of Blind Carbon Copy meaning the recipients could see each other's email addresses. This is according to Britain's data watchdog, the Information Commissioner's Office, which has "Reprimanded" the Health Board, which serves a regional population of some 320,000 people and has an annual operating budget of £780 million.
Advanced, a managed software provider to the UK National Health Service, has confirmed that customer data was indeed lifted as part of the attack by cyber baddies that has disrupted operations for months. The incident disrupted healthcare customers, forcing NHS 111 medical services operators, for example, to revert back to pen and paper as digital services went AWOL, sources told us at the time.
Managed service provider Advanced confirmed that a ransomware attack on its systems disrupted emergency services from the United Kingdom's National Health Service. Customers of seven solutions from the British MSP have been impacted either directly or indirectly, the company said.
United Kingdom's National Health Service 111 emergency services are affected by a significant and ongoing outage triggered by a cyberattack that hit the systems of British managed service provider Advanced. Advanced's Adastra client patient management solution, which is used by 85% of NHS 111 services, has been hit by a major outage together with several other services provided by the MSP, according to a status page.
A phishing operation compromised over one hundred UK National Health Service employees' Microsoft Exchange email accounts for credential harvesting purposes, according to email security shop Inky. During the phishing campaign, which began in October 2021 and spiked in March 2022, the email security firm detected 1,157 phishing emails originating from NHSMail accounts that belonged to 139 NHS employees in England and Scotland.
For about half a year, work email accounts belonging to over 100 employees of the National Health System in the U.K. were used in several phishing campaigns, some aiming to steal Microsoft logins. Attackers started using legitimate NHS email accounts in October last year after hijacking them and continued to use them in phishing activity through at least April 2022.