Alder Hey NHS foundation says cyber attack compromised the systems of three NHS hospitals

West Derby, Liverpool-based Alder Hey Children’s Hospital NHS Foundation Trust says that a cyber attack that struck its network has compromised sensitive data from three NHS organisations.

 

Last month, the infamous INC Ransom group said it infiltrated the internal network of Alder Hey Children’s Hospital NHS Foundation Trust and stole sensitive data dating back to 2018.

 

According to screenshots shared on X, the cyber criminals published samples of the stolen data to prove the authenticity of their claims, including patient records, donor reports, procurement data and more.

 

Acknowledging the ransomware group’s claims, a spokesperson for the Alder Hey NHS foundation said that the trust had begun investigating the hacker group’s claims.

 

In a recent update, the NHS foundation said that its investigation has revealed that the cyber attack compromised the computer networks of three NHS organisations.

 

“Criminals gained unlawful access to data through a digital gateway service shared by Alder Hey and Liverpool Heart and Chest Hospital. This has resulted in the attacker unlawfully getting access to systems containing data from Alder Hey Children’s NHS Foundation Trust, Liverpool Heart and Chest Hospital, and a small amount of data from Royal Liverpool University Hospital,” reads the update.

 

While hospital services remain unaffected and continue to run normally, the trust’s investigation is still in progress to determine the scope of the incident. As part of its response to the cyber attack, the trust has made “progress in securing impacted systems and ensuring the attackers do not have continued access.”

 

“We are continuing to take this issue very seriously while investigations continue into whether the attacker has obtained confidential data. The investigation into the data may take some time, and there is a possibility that the attacker may publish the data before our investigation is concluded,” the trust added.

 

Alder Hey NHS foundation is working with the guidance of the National Crime Agency and the Information Commissioner’s Office to investigate the incident and said it will share more updates on the impact to people’s data whenever available.