NewForTech

Home » Latest » Security » Patient and staff data affected by Cl0p ransomware attack on Barts Health NHS

Patient and staff data affected by Cl0p ransomware attack on Barts Health NHS

1 hit

A person in a medical practice typing on a laptop.
2 minutes

Written by

Tech Insider (NewForTech Editorial Team)

in

  • Barts Health NHS Trust has confirmed that Cl0p ransomware abused the Oracle E-Business Suite and stole billing information.
  • The information disclosed includes the names, addresses and medical records of patients and former staff.
  • The trust says the systems remain secure and is asking the High Court for an injunction blocking the use of the data.

Barts Health NHS Trust has become the latest organization to confirm it has been hit by a ransomware attack via the Oracle E-Business Suite vulnerability.

In a data breach notice published last week, the organization said the notorious Cl0p ransomware group used the E-Business Suite vulnerability in August to break into IT infrastructure and access a database “of invoices”.

The flaw was recently discovered when Cl0p published the stolen data on the dark web. According to the trust, this data includes people’s names and addresses, as well as data “relating to accounting services provided to Barking, Havering and Redbridge University Hospitals NHS Trust since April 2024”.

Urgent action

Among those affected were also patients and former employees, although it is not yet clear how many had their information stolen. Barts said electronic medical records and clinical systems were not affected “and we are confident that our core IT infrastructure is secure.”

However, everyone is encouraged to pay attention to incoming emails and instant messages. Information stolen during the breach cannot be used to cause direct harm, but it can be used to send convincing phishing emails, trick victims into sharing their passwords with attackers, make payments, or even be used as leverage for identity theft.

The data has not yet been fed into Clearweb, the trust said, adding that it has taken “urgent action” and sought a High Court order banning the publication, use or distribution of this data. However, we are not sure how important such an order would be to cybercriminals.

“We are working with NHS England, the National Cyber ​​​​Security Center and the Metropolitan Police and have reported the breach to the relevant regulatory authorities, including the Information Commissioner’s Office,” the statement said.

“We are very sorry that something like this happened and we are taking steps together with our suppliers to ensure that something like this cannot happen again.”

IN cyber news