Hackers behind cyber attack ordered by judge to return stolen NHS patient data

15 August 2024, 12:54

The entrance to St Thomas' Hospital in London
Cyber attack at major London hospitals. Picture: PA

A ransomware gang targeted pathology services provider Synnovis on June 3.

Hackers responsible for a cyber attack that led to more than 10,000 NHS appointments being cancelled have been ordered by a High Court judge to “unmask” themselves and return or delete stolen data.

Pathology services provider Synnovis was targeted by Russian cyber gang Qilin on June 3, with hackers reportedly obtaining confidential medical information and blood test results of more than 100,000 patients, the court was told.

The ransomware attack saw appointments cancelled at two London NHS trusts and prompted a warning that parts of the NHS’s IT system are “out of date” and at risk of further attacks.

In a written ruling on Thursday, Mrs Justice Stacey said she had granted Synnovis’s bid for an interim injunction seeking to prevent the release of stolen data.

The judge’s temporary order against “persons unknown” requires the hackers to provide their full names and addresses to allow for legal documents to be served on them.

Mrs Justice Stacey also said it was “plainly just and convenient” for the order to include “a prohibition preventing further unauthorised access of the claimant’s IT systems by the defendants – a so-called anti-hacking injunction” to help prevent more attacks.

Synnovis’s case was considered at a hearing in London last month, which the judge said was held in private due to discussions over “the theft of confidential, highly personal medical information”.

The BBC has reported that the Qilin gang has carried out “criminal hacks for extortion purposes of a range of public and private services and companies since 2022”, the judge was told.

After the Synnovis cyber attack, which saw a ransom note left on its IT systems, Qilin told the broadcaster it took responsibility.

The information obtained was the “commercially sensitive, private and… confidential” medical records of patients at the Guy’s and St Thomas’ NHS Foundation Trust and King’s College Hospital NHS Foundation Trust, the court was told.

Some data was released via the Telegram messaging platform on June 20, while a post of information and a statement was published on a website called “Wikileaksv2” on June 27.

Telegram had not responded to a request to remove information, while Wikileaksv2 is feared to be a “clone site” under the control of hackers, the judge heard.

Mrs Justice Stacey said there was “a real risk that further unauthorised, damaging disclosures” could be made.

“The defendants have come into possession of the claimant’s confidential information or property through criminal and unlawful actions,” the judge added.

“It has done so for the purpose of commercial gain. It is engaging in extortion.

“The claimant has established that publication of the information should not be allowed and that its use should be restricted.”

The judge continued: “I am also satisfied that the defendants must identify themselves – their actions appear unlawful and it appears that they are seeking to hide their identity behind a cloak of anonymity and an organisation, Qilin, which has no legal identity.”

According to the BBC, Qilin shared almost 400GB of data, including patient names, dates of birth, NHS numbers and descriptions of blood tests, on its darknet site and Telegram channel.

Earlier this month, NHS England London said a total of 10,001 acute outpatient appointments and 1,680 elective procedures had been cancelled across the two trusts.

It said more than 60 IT systems used in laboratories have been rebuilt, or are in the process of being rebuilt, with capacity increasing.

By Press Association

More Technology News

See more More Technology News

Mark Zuckerberg speaks about Meta AI during the Meta Connect Conference in California in September

Meta AI tools come to UK for first time

Google Stock

US government says it is considering breaking up Google after competition case

A woman’s hand pressing keys on a laptop keyboard

Lack of digital confidence costing people money and job opportunities – study

A person using a laptop

Government opens new competition to find next generation of cybersecurity talent

Exclusive
Ukrainian military learn to fly drones with bombs attached at a special school on May 12, 2023 in Lviv region Ukraine.

Ukraine’s AI-powered drone swarms signal the future of warfare and 'level the playing field' with Russia, report reveals

Web search page with Google

Google ordered to open app store to rivals by US judge

Appeals Centre Europe is an independent body (PA)

Social media users can appeal over content disputes to new settlement body

A close-up of a group of young people looking at mobile phones

Fear of missing out sees girls stay online despite negativity, survey finds

A close up of copper inside electrical cables

Recycling old cables could help provide copper needed for green tech – study

A woman’s hands on a laptop keyboard.

New regulatory office ‘to help new tech reach public faster’

Woman talking on mobile phone and working on laptop

New AI-powered scam detection tool launches

Google screen

Google brings more AI to search engine in ‘significant’ update

UK Information Commissioner John Edwards

Accountability comes in many forms – Information Commissioner

The ChatGPT website

OpenAI raises £5 billion in largest ever funding round

A woman using a laptop as she holds a bank card

Meta partners with UK banks to combat fraud

The word Google in white on dark glass at the company's offices

Google breached TV company trademark through YouTube Shorts service, court told