Data from NHS cyber attack that cancelled operations ‘published online by criminal group’
The cyber attack is understood to have been carried out by Russian group Qilin
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.Sensitive data from a ransomware attack on systems used by hospitals and GP services in South London has allegedly been published online by a cyber criminal group, as the attack forces providers to destroy 20,000 blood samples.
Synnovis, which provides pathology services on blood tests, primarily in south-east London, was the victim of a cyber attack – understood to have been carried out by Russian group Qilin – on June 3.
NHS England has now warned that patients details have been posted online by the group and have set up hospital helplines for those affected.
New updates from Synnovis, obtained by The Independent, said the provider as of this morning was not aware of what details specifically have been published.
Synnovis also revealed it had to cancel testing for 20,000 blood samples across 13,5000 patients received since 16 June as it could test them, so samples have “degraded”. As a result, the samples will be destroyed and patients will have to have new blood tests.
Have you been impacted by this story? email rebecca.thomas@independent.co.uk
Thousands of operations and appointments were cancelled in the wake of the attack and hundreds are still being cancelled two weeks after the incident.
According to the BBC, the cyber criminal group shared almost 400GB of data – including patient names, dates of birth, NHS numbers and descriptions of blood tests – on its darknet site and Telegram channel. It is not known if test results are also in the data.
Spreadsheets containing financial arrangements between hospitals and GP services and Synnovis were also published, the BBC reported.
More than 1,130 planned operations and 2,190 outpatient appointments have been postponed at London hospitals, with the King’s College Hospital NHS Foundation Trust and Guy’s and St Thomas’ NHS Foundation Trust hit the hardest.
The Independent previously revealed that thousands of blood test samples were set to be destroyed as a result of the cyberattack, with GP practices in London only able to complete 400 tests out of 10,000 a day.
NHS England has committed to publishing weekly data on the impact of the cyber attack, after admitting it will take months for hospitals to fully recover from its impact.
Among those to have their operations cancelled is Russell Ashley-Smith, 81, who told The Independent that he has been left fearing for his health after a life-saving procedure was postponed.
He is awaiting complex open heart surgery at King’s College Hospital in Denmark Hill, without which he may have up to two years to live.
In a statement on Friday morning, NHS England said: “NHS England has been made aware that the cyber criminal group published data last night which they are claiming belongs to Synnovis and was stolen as part of this attack.
“We understand that people may be concerned by this and we are continuing to work with Synnovis, the National Cyber Security Centre and other partners to determine the content of the published files as quickly as possible.
“This includes whether it is data extracted from the Synnovis system, and if so whether it relates to NHS patients.
“As more information becomes available through Synnovis’ full investigation, the NHS will continue to update patients and the public.”
Synnovis, in a statement on Friday, said: “We know how worrying this development may be for many people. We are taking it very seriously and an analysis of this data is already under way.”
Between 10 and 16 June, the second week after the attack, more than 320 planned operations and 1,294 outpatient appointments were postponed at King’s College Hospital NHS Foundation Trust and Guy’s and St Thomas’ NHS Foundation Trust.
The number of rearranged planned operations was 494 lower than in the first week after the attack, but the number of missed outpatient appointments increased by 394.
Join our commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies
Comments