NHS Service Provider DXS International Hit by Major Data Security Incident

DXS International, a U.K. healthcare technology company serving England’s National Health Service (NHS), experienced a major data security incident that affected its internal network, leading to multiple systems being taken offline.

 

DXS International is a UK-based health technology company that delivers clinical decision support and workflow software to healthcare providers, particularly the NHS, helping clinicians manage complex care and improve efficiency and patient outcomes.

 

In a recent filing with the London Stock Exchange, DXS said that on December 14, it identified a data security incident affecting its office servers. Upon discovery, the company immediately launched an investigation, with assistance from external cyber security experts, to determine the nature and scope of the incident.

 

“Once discovered, the data security breach was immediately contained by means of a joint effort by DXS’s internal IT security teams in close cooperation with NHS England. The Board has appointed an external cyber security specialist agency whose thorough investigations are underway to establish the nature and extent of the incident.

 

“The Company has notified the relevant regulators, authorities, and law enforcement agencies, including the Information Commissioner’s Office, and various NHS bodies and is fully cooperating with their investigations,” DXS said.

 

The healthcare technology provider said the incident had minimal impact on its services, adding that front-line clinical systems remain unaffected and fully operational.

 

“The Company does not currently anticipate that this incident will have a material adverse impact on its financial position or on the market forecasts for its financials for FY 30 April 2026,” DXS added.

 

x.com/TechNadu/status/2001982179388350959

 

A relatively new ransomware group known as DevMan has claimed responsibility for the cyber attack on DXS International. The group listed the company as a victim on its data leak site, claiming it obtained approximately 300 GB of confidential data. DevMan has threatened to release the stolen information if its ransom demands are not met.