Suspected Russian Hacker Group Breaches UK Medical System...Massive Patient Data Leak

Published 22 Jun.2024 19:19(KST)

Stolen Data Includes 300 Million Records of Cancer Test Results

Patient medical information from the UK's public healthcare system, the National Health Service (NHS), was massively leaked due to a ransomware attack by a hacker group presumed to be based in Russia.

Suspected Russian Hacker Group Breaches UK Medical System...Massive Patient Data Leak

According to major UK media on the 22nd, a group known as 'Qilin,' believed to be based in Russia, attacked the NHS and the private joint venture 'Synovis' system earlier this month, stealing sensitive personal information of patients. Synovis primarily provides pathology testing services such as blood tests to hospitals in the southeast London area.

The stolen information reportedly includes 300 million records, encompassing results of tests for human immunodeficiency virus (HIV) and cancer. Since the hacking on the 3rd, the group demanded a large ransom from Synovis and posted 104 files totaling 380GB on a messaging application during the nights of the 20th and 21st.

Major UK media could not verify the authenticity of the posted materials, but reported that the files bore the 'Synovis' logo and contained names, dates of birth, NHS registration numbers, and types of blood tests.

Significant disruptions to medical services have also occurred. In just 13 days following the hacking, 2,194 hospital appointments and 1,134 surgeries, including cancer treatments and organ transplants, were postponed or canceled. The NHS is operating a dedicated consultation hotline in response to the flood of patient inquiries regarding the incident.