Ransomware Hackers Target UK’s National Health Service Trusts
Multiple Hospitals Compromised in Ransomware Attacks
The United Kingdom’s National Health Service (NHS) has been under siege by ransomware hackers, with multiple hospitals being compromised. The attacks have exposed sensitive patient data and disrupted emergency services.
Inc Ransom, a Russia-Linked Ransomware Group, Claims Responsibility for Alder Hey Breach
One of the most recent breaches is attributed to Inc Ransom, a prolific Russia-linked ransomware group that claimed responsibility for an attack on NHS Scotland earlier this year. The group now claims to have breached the Alder Hey Children’s Hospital Trust, one of Europe’s largest children’s hospitals.
In a post on its dark web leak site, Inc Ransom claims to have stolen patient records, donor reports, and procurement data spanning between 2018 and 2024 from Alder Hey. Samples of the alleged stolen data include records containing sensitive health information on patients, along with personally identifiable information such as dates of birth and addresses.
Alder Hey’s Response to the Cybersecurity Incident
In a statement published on Wednesday, Alder Hey confirmed that hackers had compromised its digital gateway service, which is used by several hospitals to access its systems. This gave the hackers access to data belonging to the children’s hospital, along with data from Liverpool Heart and Chest Hospital and Royal Liverpool University Hospital.
"Alder Hey says that its hospital services remain unaffected and continue to run normally," the statement reads. "However, we are continuing to take this issue very seriously while investigations continue into whether the attacker has obtained confidential data."
The hospital also warned that there was a possibility that the attackers "may publish the data before our investigation is concluded."
Separate Ransomware Attack Targets Wirral University Teaching Hospital
A separate ransomware attack has targeted the Wirral University Teaching Hospital, located just miles from Alder Hey. The attack, which forced the hospital to declare a ‘major incident’ after shutting down its systems, is ongoing.
In a statement published on its website Wednesday, the Wirral hospital trust said that while it is in the process of restoring its clinical systems, some services will "continue to be affected." Emergency treatment is being prioritized, but there are still likely to be longer than usual waiting times in the Emergency Department and assessment areas.
The NHS’s Vulnerability to Ransomware Attacks
The NHS has long been an attractive target for ransomware hackers. Earlier this year, the health service declared a ‘critical’ incident after a cyberattack on pathology services provider Synnovis led to a massive data breach and months of disruption, including canceled operations and the diversion of emergency patients.
The Qilin ransomware gang, which claimed responsibility for the attack, also leaked 400 gigabytes of sensitive data allegedly stolen from Synnovis, including highly sensitive patient details.
UK Government’s Efforts to Combat Cyberattacks
The UK government has published a five-pillar strategy that aims to make the NHS more resilient to cyberattacks by 2030. This came just months after a cyberattack on Advanced, an IT service provider, that caused widespread disruption to NHS services across the U.K.
The UK government has also announced plans to introduce the Cyber Security and Resilience Bill to parliament in 2025, which will mandate the reporting of ransomware attacks.
Conclusion
The recent ransomware attacks on NHS trusts in the United Kingdom highlight the ongoing threat posed by cybercriminals to sensitive data and critical infrastructure. The UK government’s efforts to combat cyberattacks are essential in protecting the country’s healthcare system and preventing further breaches.
Related Articles
- Google’s X Spins Out Heritable Agriculture, a Startup Using AI to Improve Crop Yield
- AI Systems with ‘Unacceptable Risk’ Are Now Banned in the EU
- US Blood Donation Giant Warns of Disruption After Ransomware Attack
- A Brief History of Mass Hacks
- Tata Technologies Says Ransomware Attack Hit IT Assets, Investigation Ongoing
Stay up-to-date with the latest news and insights from TechCrunch’s AI experts.
