4th Platform logo white

London Hospital Cyber Attack: NHS confirms patient data stolen

Image of NHS logo

NHS England has confirmed that patient data managed by Synnovis, was stolen in a significant ransomware attack on June 3rd.

The Russian cyber-criminal group Qilin, responsible for the attack, has shared nearly 400GB of private information on their darknet site.

You can read the full BBC report here

What data was stolen from the London Hospital Cyber Attack?

The stolen data includes patient names, dates of birth, NHS numbers, and descriptions of blood tests.

This breach, described by cybersecurity expert Ciaran Martin as “one of the most significant and harmful cyber attacks ever in the UK,” also involves business account spreadsheets detailing financial arrangements between hospitals, GP services, and Synnovis.

What has been the NHS’ response to the London Hospital Cyber Attack?

In response to the attack, NHS England issued a statement assuring the public that there is “no evidence” that test results have been published, although investigations are ongoing. The attack has already disrupted more than 3,000 hospital and GP appointments.

Patients have been advised to continue attending their appointments unless informed otherwise and to seek urgent care as usual. NHS England has also established a helpline to support those affected by the breach.

In a statement to the BBC via an encrypted messaging service, the cyber-attackers claimed: “they targeted Synnovis to punish the UK for insufficient assistance in an unspecified war.”

NHS England is collaborating with Synnovis and the National Crime Agency on this issue. They have pledged to provide ongoing updates as the complex investigation continues.

Scroll to Top