Qilin ransomware group leaks 400GB of data stolen from Synnovis' systems

The infamous Qilin ransomware group which hacked into the internal network of pathology services provider Synnovis has leaked close to 400 gigabytes of data stolen from the centre’s systems.

 

The London-based pathology services provider said that on June 3, it was a victim of a ransomware attack that affected all IT systems. The ransomware attack affected several NHS hospitals including Guy’s and St Thomas’ NHS Foundation Trust, King’s College Hospital NHS Foundation Trust, and other primary care providers across south east London.

 

Ciaran Martin, the former CEO of the National Cyber Security Centre, said that the Qilin ransomware group was behind the cyber attack on Synnovis. In an interview with BBC Radio 4, Martin said, “We believe it is a Russian group of cyber criminals who call themselves Qilin.

 

“They’re simply looking for money. It’s unlikely they would have known that they would have caused such serious primary healthcare disruption when they set out to attack the company,” he added.

 

The Qilin ransomware group claimed responsibility for the cyber attack on Synnovis, and has now released 394.1 GB of confidential information stolen from the company. According to Sky News, the leaked data includes names, dates of birth, NHS numbers and descriptions of blood tests.

 

Soon after, NHS England released a statement acknowledging the data leak.

 

“NHS England has been made aware that a cyber criminal group published data last night which they are claiming belongs to Synnovis and was stolen as part of this attack.

 

“The National Crime Agency and National Cyber Security Centre are working to verify the data included in the published files as quickly as possible,” it said.

 

“We understand that people may be concerned by this and as more information becomes available through Synnovis’ full investigation, the NHS will continue to update patients and the public on the NHS Digital website,” the trust added.