
Hackers have released private information obtained from a blood testing company that works with the National Health Service (NHS), causing widespread disruption to hospitals in London.
Qilin uploaded nearly 400 GB of sensitive data to their darknet site during the night on Thursday.
Since their hack on 3 June, the gang has been attempting to extort funds from NHS provider Synnovis. In an interview with the BBC, Qilin threatened to leak the information they hacked unless they received payment. Names, birthdays and account NHS numbers, and descriptions of blood tests are some of the data that the BBC has seen. Blood test results were not included.
The leak of business account spreadsheets details the financial arrangements between Synnovis, hospitals, and GP services. NHS England claimed it knew about the leak but acknowledged that it lacked authenticity.
NHS announced it had learned of the cybercriminal group’s publication of data that the group claims was stolen from Synnovis. They claimed to be collaborating with the National Cyber Security Centre, Synnovis, and others to swiftly ascertain the content of the released files.
Synnovis acknowledged that many people may be concerned about this development. An investigation was started to look into the hack, and they are treating it with the seriousness it deserves.
Over three thousand doctor’s visits, hospital stays, and other business activities were impacted by the interruption to pathology services caused by the Synnovis intrusion, making it one of the biggest cyberattacks in UK history.
Like many ransomware groups, this one refused to reveal its location. It is widely believed that they are located in Russia. Because Russia’s government refuses to cooperate with Western law enforcement demands, hacker arrests are very unusual in that country.
Ransomware group Qilin declined to provide more details about its political affiliation or location.
China, Russia, the USA, Brazil, India, Iran, North Korea, Vietnam, Nigeria, Germany, and Romania are among the top nations for cyber hacking activities.