The group behind the recent Snynnovis cyber attack that disrupted the operation of 5 hospitals in the London area has published the data it stole online.
The database contains 400GB of sensitive information relating to patient names, dates of birth, NHS numbers and blood test descriptions.
There has been no official confirmation from NHS England that the data is genuine, or if it contains blood test results within the data.
A failed ransom?
NHS England released a statement saying, “We understand that people may be concerned by this and we are continuing to work with Synnovis, the National Cyber Security Centre and other partners to determine the content of the published files as quickly as possible. This includes whether it is data extracted from the Synnovis system, and if so whether it relates to NHS patients.”
Qilin recently demanded $50 million from Synnovis in return for the data, with today’s news suggesting that Synnovis either refused to enter negotiations or failed to make the payment in time. The US, alongside many security organizations, have been urging companies to refuse paying data ransoms in order to deter cyber criminals from pursuing this tactic, however for many companies it is far easier to pay the ransom and sweep it all under the rug rather than face the potential financial and reputational damage that comes from refusing a ransom.
Richard Cassidy, CISO EMEA at Rubrik said, “Rubrik observed that Healthcare data recoverability after a successful ransomware attack is much lower than for other industries. For example, recent research found that attacks on healthcare organisations lose control of one in five sensitive data records, 394% higher than other sectors. The combined challenge of dealing with sensitive patient data and reverting to manual processes risks serious real-world impacts such as delays to treatment or even deaths.”
“Given the inflated impacts of these attacks, the role of each healthcare IT professional in ensuring business continuity becomes even more crucial. Rapidly restoring their business-critical systems in the face of ongoing attacks can significantly reduce downtime and potentially save lives. Healthcare organisations must be able to protect and recover data during and after an attack for true cyber resilience,” Cassidy concluded.
Via BBC