In light of the substantial data breach impacting London hospitals, the UK government is deliberating its response to Russian hackers. The cyber-attack on 3rd June targeted Synnovis, a laboratory service provider for numerous NHS hospitals, resulting in the theft of 300 million patient records, including sensitive blood test results for conditions such as HIV and cancer.
The hackers, identified as the Russian group Qilin, released the stolen data on the dark web and their Telegram channel after a £40 million ransom demand went unmet. In the aftermath of the attack, affected hospitals, including Guy’s, St Thomas’, and King’s College, have established helplines to support concerned patients.
In response, the National Crime Agency (NCA) and the National Cyber Security Centre (NCSC) are exploring potential retaliatory actions. The UK has a precedent of taking action against ransomware groups; for example, the NCA, in collaboration with international agencies, recently disrupted the LockBit gang, leading to the identification of its alleged leader, Dmitry Khoroshev.
Meanwhile, NHS England has cautioned patients about possible ransom demands and urged them to report such incidents to Action Fraud immediately. The attack has disrupted operations across numerous hospitals, which are now limiting access to blood tests and rescheduling surgeries. The NHS is striving to mitigate the impact by reallocating some cases to alternative lab service providers and enhancing the availability of blood tests.
