Hackers publish NHS patients’ data after cyber attack including names, addresses and medical conditions | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

[ad_1]

  • Hackers have targeted NHS Dumfries and Galloway and demanded payment

A hacker group is in possession of at least a ‘small number’ of patients’ data following a cyber attack, NHS Dumfries and Galloway has said.

Reports have emerged of a post by the ransomware group – INC Ransom – on its dark web blog. The hacker group claimed it was in possession of three terabytes of data from NHS Scotland.

The post included a ‘proof pack’ of some of the data, which has been confirmed by the NHS board to be genuine.

INC Ransom posted its bulletin yesterday but did not give a public deadline for payment. 

Besides the cache of patient details which has already been published, NHS Dumfries and Galloway previously reported a cyber incident on March 15 – adding credence to the hacker group’s claims.

In a statement posted on its website, NHS Dumfries and Galloway’s chief executive Jeff Ace said: ‘We absolutely deplore the release of confidential patient data as part of this criminal act.

INC Ransom posted a cache of stolen data from NHS Dumfries and Galloway as proof that it had hacked the NHS board’s IT system. It has vowed to publish yet more confidential data unless the board agrees to its demands
In a statement posted on its website, NHS Dumfries and Galloway’s chief executive Jeff Ace said: ‘We absolutely deplore the release of confidential patient data as part of this criminal act’

‘This information has been released by hackers to evidence that this is in their possession.

‘We are continuing to work with Police Scotland, the National Cyber Security Centre, the Scottish Government and other agencies in response to this developing situation. 

‘Patient-facing services continue to function effectively as normal.

‘As part of this response, we will be making contact with any patients whose data has been leaked at this point.

‘NHS Dumfries and Galloway is very acutely aware of the potential impact of this development on the patients whose data has been published, and the general anxiety which might result within our patient population.’

INC Ransom appeared on the dark web in July 2023. The group typically encrypts and steals data from targets before treatening to publish it online unless the victim pays up.

According to monitoring tool Ransomlooker, INC Ransom has targeted no fewer than 65 organisations in the last year.

A Police Scotland spokesperson said: ‘Police Scotland enquiries are continuing into a cyber attack on NHS Dumfries & Galloway.’

[ad_2]

——————————————————–


Click Here For The Original Story From This Source.

.........................

National Cyber Security

FREE
VIEW