News

Huge data hack hits Barts Health, Whipps Cross manager

5 July, 2023 3:48 pm
2 Min Read

The hacking group responsible is threatening to release seven terabytes of stolen information from the NHS Trust, reports Marco Marcelline

A Russian hacking group has said it hacked Barts Health NHS Trust, which manages Whipps Cross Hospital. The group is threatening to release seven terabytes of stolen information.

The data breach could potentially affect 2.5 million people as the NHS Trust manages St. Bartholomew’s, the Royal London, Mile End, and Newham in addition to Whipps Cross Hospital.

A spokesperson for Barts Health NHS Trust told the Echo: “We are aware of claims of a ransomware attack and are urgently investigating.”

The spokesperson did not reveal details on the stolen data and whether Whipps Cross patients had their data breached in the hack.

Brett Callow, a threat analyst from Emisoft, a cybersecurity firm, told the Echo that it’s a common attack with “hundreds” of hospitals across the world having been “heavily targeted with these attacks in recent years”.

As Callow notes, Alphv claims to have stolen about 7 TB of data from Barts, “which would represent a massive amount of information”. It’s unclear whether Alphv’s claim is true or not, however.

In broken English, the hackers claimed on their dark web page that Barts Health data hack amounted to the “most bigger leak from health care system in UK.”

That dark web post also lists the files the hacking group purportedly stole from Barts Health. This includes copies of employees’ driving licenses and passports, NHS client documentation and credit card information, as well as internal emails marked as confidential. 

The dark-web post made by the hackers describing the leak. Credit: Brett Callow/Emisoft

As Bloomberg notes in a prior report, the hackers have been active since November 2021 and have authored attacks on a wide range of targets around the world. Palo Alto Networks, a US cybersecurity firm, reported last year that the hacking group operates by recruiting “affiliates” on cybercrime forums who pay to use its ransomware to hack companies and organizations.

Ransomware is a type of malicious software that blocks access to a computer system until a sum is paid. Hackers using ransomware typically threaten to publicly release stolen private information unless they receive payment, as is the case here.

Advice for anyone who thinks they may have been subject to identity theft because of a ransomware attack can be found here

No news is bad news 

Independent news outlets like ours – reporting for the community without rich backers – are under threat of closure, turning British towns into news deserts. 

The audiences they serve know less, understand less, and can do less. 

If our coverage has helped you understand our community a little bit better, please consider supporting us with a monthly, yearly or one-off donation. 

Choose the news. Don’t lose the news.

Monthly direct debit 

Annual direct debit

£5 per month supporters get a digital copy of each month’s paper before anyone else, £10 per month supporters get a digital copy of each month’s paper before anyone else and a print copy posted to them each month.  £50 annual supporters get a digital copy of each month's paper before anyone else.

Donate now with Pay Pal

More information on supporting us monthly or annually 

More Information about donations

Tags
FacebookXRedditPinterestEmailLinkedInWhatsApp
Our newspaper and website are made possible by the support of readers and by displaying online advertisements to our visitors. Please consider helping us to continue to bring you news by disabling your ad blocker or supporting us with a small regular payment.