The Russian gang ALPHV claimed on its website last week that it had obtained seven terabytes of internal documents from the Barts Health NHS Trust, a network of five hospitals in London that care for about 2.5 million people, and threatened to post them online unless a ransom is paid.
A spokesperson for the UK’s National Cybersecurity Centre said in a statement on Wednesday that it was “working with Barts Health NHS Trust and partners to fully understand the impact of an incident,” and a spokesperson for Barts said that it was “urgently investigating” the hacking gang’s claims.
The extent of the damage caused by this incident isn’t clear yet, but the gang published a selection of files it said it stole, including copies of employees’ driving licenses and passports, internal emails and correspondence marked confidential. In broken English, the hackers claimed that the haul of data amounted to the “most bigger leak from health care system in UK.”
The breach marks the third major cyberattack that Barts has faced in the last six years.
Roy Akerman, Co-Founder & CEO, Rezonate had this to say:
“Healthcare providers continue to be a target for malicious adversary and in particular Ransomware groups. The PII reported stolen is valuable intelligence attackers are constantly trying to obtain to be used as follow up attacks and sell them to the highest bidder. As such, healthcare providers must validate their security and assure readiness at all times, across every initial attack technique as well as the detection and prevention once the attacker tries to expand across the network.”
Carol Volk, EVP, BullWall follows up with this:
“This new cyberattack on the Barts Health NHS Trust highlights the persistent and growing dangers of ransomware in the health sector. This incident serves as a stark reminder of the urgent need for robust cybersecurity measures, including ransomware containment, to be made mandatory for organizations in the healthcare industry. This breach not only poses a significant risk to the affected individuals but again raises broader concerns regarding patient privacy and the security of healthcare systems as a whole.
“What makes this incident particularly alarming is that it is the third major cyberattack that Barts Health NHS Trust has faced in the past six years. This pattern of repeated attacks underscores the vulnerability of the healthcare sector to cyber threats. It is imperative that healthcare organizations prioritize cybersecurity investments and adopt proactive measures to safeguard patient data and critical infrastructure.”
Roy Akerman, Co-Founder & CEO, Rezonate concludes with this:
“Healthcare providers continue to be a target for malicious adversary and in particular Ransomware groups. The PII reported stolen is valuable intelligence attackers are constantly trying to obtain to be used as follow up attacks and sell them to the highest bidder. As such, healthcare providers must validate their security and assure readiness at all times, across every initial attack technique as well as the detection and prevention once the attacker tries to expand across the network.”
We’ll find out the full scale of this breach soon enough, assuming that this breach actually happened. Consider this one of those stories to stay tuned to.
Like this:
Like Loading...
Related
This entry was posted on July 7, 2023 at 8:20 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
ALPHV Claims To Have Pwned An NHS Trust… And The Pwnage Could Be Huge
The Russian gang ALPHV claimed on its website last week that it had obtained seven terabytes of internal documents from the Barts Health NHS Trust, a network of five hospitals in London that care for about 2.5 million people, and threatened to post them online unless a ransom is paid.
A spokesperson for the UK’s National Cybersecurity Centre said in a statement on Wednesday that it was “working with Barts Health NHS Trust and partners to fully understand the impact of an incident,” and a spokesperson for Barts said that it was “urgently investigating” the hacking gang’s claims.
The extent of the damage caused by this incident isn’t clear yet, but the gang published a selection of files it said it stole, including copies of employees’ driving licenses and passports, internal emails and correspondence marked confidential. In broken English, the hackers claimed that the haul of data amounted to the “most bigger leak from health care system in UK.”
The breach marks the third major cyberattack that Barts has faced in the last six years.
Roy Akerman, Co-Founder & CEO, Rezonate had this to say:
“Healthcare providers continue to be a target for malicious adversary and in particular Ransomware groups. The PII reported stolen is valuable intelligence attackers are constantly trying to obtain to be used as follow up attacks and sell them to the highest bidder. As such, healthcare providers must validate their security and assure readiness at all times, across every initial attack technique as well as the detection and prevention once the attacker tries to expand across the network.”
Carol Volk, EVP, BullWall follows up with this:
“This new cyberattack on the Barts Health NHS Trust highlights the persistent and growing dangers of ransomware in the health sector. This incident serves as a stark reminder of the urgent need for robust cybersecurity measures, including ransomware containment, to be made mandatory for organizations in the healthcare industry. This breach not only poses a significant risk to the affected individuals but again raises broader concerns regarding patient privacy and the security of healthcare systems as a whole.
“What makes this incident particularly alarming is that it is the third major cyberattack that Barts Health NHS Trust has faced in the past six years. This pattern of repeated attacks underscores the vulnerability of the healthcare sector to cyber threats. It is imperative that healthcare organizations prioritize cybersecurity investments and adopt proactive measures to safeguard patient data and critical infrastructure.”
Roy Akerman, Co-Founder & CEO, Rezonate concludes with this:
“Healthcare providers continue to be a target for malicious adversary and in particular Ransomware groups. The PII reported stolen is valuable intelligence attackers are constantly trying to obtain to be used as follow up attacks and sell them to the highest bidder. As such, healthcare providers must validate their security and assure readiness at all times, across every initial attack technique as well as the detection and prevention once the attacker tries to expand across the network.”
We’ll find out the full scale of this breach soon enough, assuming that this breach actually happened. Consider this one of those stories to stay tuned to.
Share this:
Like this:
Related
This entry was posted on July 7, 2023 at 8:20 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.