Security News

In a classic email snafu NHS Highland sent messages to 37 patients infected with HIV and inadvertently used carbon copy instead of Blind Carbon Copy meaning the recipients could see each other's email addresses. This is according to Britain's data watchdog, the Information Commissioner's Office, which has "Reprimanded" the Health Board, which serves a regional population of some 320,000 people and has an annual operating budget of £780 million.

Advanced, a managed software provider to the UK National Health Service, has confirmed that customer data was indeed lifted as part of the attack by cyber baddies that has disrupted operations for months. The incident disrupted healthcare customers, forcing NHS 111 medical services operators, for example, to revert back to pen and paper as digital services went AWOL, sources told us at the time.

Managed service provider Advanced confirmed that a ransomware attack on its systems disrupted emergency services from the United Kingdom's National Health Service. Customers of seven solutions from the British MSP have been impacted either directly or indirectly, the company said.

United Kingdom's National Health Service 111 emergency services are affected by a significant and ongoing outage triggered by a cyberattack that hit the systems of British managed service provider Advanced. Advanced's Adastra client patient management solution, which is used by 85% of NHS 111 services, has been hit by a major outage together with several other services provided by the MSP, according to a status page.

A phishing operation compromised over one hundred UK National Health Service employees' Microsoft Exchange email accounts for credential harvesting purposes, according to email security shop Inky. During the phishing campaign, which began in October 2021 and spiked in March 2022, the email security firm detected 1,157 phishing emails originating from NHSMail accounts that belonged to 139 NHS employees in England and Scotland.

For about half a year, work email accounts belonging to over 100 employees of the National Health System in the U.K. were used in several phishing campaigns, some aiming to steal Microsoft logins. Attackers started using legitimate NHS email accounts in October last year after hijacking them and continued to use them in phishing activity through at least April 2022.

Ten months after attempts first began to extract the medical information of 55 million citizens in England, NHS Digital's former chairman is warning the merger of the agency with NHS England threatens the privacy of people's personal data. The view was that if a patient had chosen to use the NHS they had implicitly agreed that their data could be used for the benefit of the NHS. Writing in trade publication the British Medical Journal, Kingsley Manning said health secretary Sajid Javid's decision to merge NHS Digital into NHS England and NHS Improvement last year was a "Retrograde step not least in the context of this government's clear intent to weaken the constraints on the use of patient data."

The UK's NHS Digital agency is warning organizations to apply new security updates for a remote code execution vulnerability in the Windows client for the Okta Advanced Server Access authentication management platform. "NHS Digital is the national digital, data and technology delivery partner for the NHS and social care system," explains the website for NHS Digital.

The digital security team at the U.K. National Health Service has raised the alarm on active exploitation of Log4Shell vulnerabilities in unpatched VMware Horizon servers by an unknown threat actor to drop malicious web shells and establish persistence on affected networks for follow-on attacks. "The attack likely consists of a reconnaissance phase, where the attacker uses the Java Naming and Directory InterfaceTM via Log4Shell payloads to call back to malicious infrastructure," the non-departmental public body said in an alert.

UK's National Health Service has published a cyber alert warning of an unknown threat group targeting VMware Horizon deployments with Log4Shell exploits. According to the NHS notice, the actor is leveraging the exploit to achieve remote code execution on vulnerable VMware Horizon deployments on public infrastructure.