Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Qilin ransomware attack on Synnovis impacted over 900,000 patients

The personal information of a million individuals was published online following a ransomware attack that in June disrupted NHS hospitals in London. In June, a ransomware attack on pathology and diagnostic services provider Synnovis has severely impacted the operations at several major NHS hospitals in London. The attack forced the impacted hospitals to cancel some […]

Synnovis

The personal information of a million individuals was published online following a ransomware attack that in June disrupted NHS hospitals in London.

In June, a ransomware attack on pathology and diagnostic services provider Synnovis has severely impacted the operations at several major NHS hospitals in London. The attack forced the impacted hospitals to cancel some healthcare procedures, in some cases, patients were redirected to other hospitals.

Synnovis is a pathology partnership between Guy’s and St Thomas’ NHS Foundation Trust and King’s College Hospitals NHS Trust, and SYNLAB, Europe’s largest provider of medical testing and diagnostics.

In a post published on its website, Synnovis disclosed it was the victim of a ransomware attack.

CaseMatrix researchers told Recorded Future News that personal information of a million individuals was published online following the June ransomware attack.

“People with symptoms of sensitive medical conditions, including cancer and sexually transmitted infections, are among almost a million individuals who had their personal information published online following a ransomware attack that disrupted NHS hospitals in London earlier this year, according to an analysis shared with Recorded Future News.” reported Recorded Future News.

CaseMatrix is the only firm that assessed the number of individuals impacted by the security breach. The company reported that over 900,000 individuals were impacted by the security breach.

NHS England and Synnovis have not provided official counts or details on the compromised data.

On June, the Qilin ransomware gang published the stolen data on its Tor leak site.

Synnovis

CaseMatrix reported that the dataset released by Qilin contained 1.29 million entities, including duplicates. The company also acknowledged a 2-3% error rate.

Leaked data includes sensitive information, including patients’ histology tests and clinical analysis results.

The leaked data includes patient names, dates of birth, NHS numbers, and in some cases, personal contact details. It also includes pathology and histology forms, which often describe symptoms of intimate and private medical conditions shared between medical departments and institutions.

“We are not in a position to comment on or confirm the validity or accuracy of analysis carried out by other parties, nor can we verify whether the data examined by these parties is in fact related to this incident.” reads a statement published by Synnovis.

In August, Synnovis obtained a preliminary injunction from the English High Court against the Qilin ransomware group, Telegram, and a leak site to prevent the publication of stolen data. However, such injunctions are hard to enforce due to defendants often being in unreachable jurisdictions, they allow the victims to notify platforms like Telegram and ISPs to remove the stolen data.

In this case, following this injunction, Telegram blocked the channel used by Qilin ransomware gang to leak the data stolen from the victims.

Synnovis said the action aimed to reassure patients and employees and limit the misuse of the stolen information.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, ransomware)