On June 3, the Russian hacker group Qilin conducted a ransomware attack against three major hospitals in London. The cyberattack directly affected Synnovis, a pathology services provider, causing significant operational disruptions. This type of attack aims to demand ransomware to prevent the stolen data from being publicly disclosed within a certain timeframe. Indeed, a few weeks later, after the requested ransom (£40 million) was not paid, the Qilin cybercriminal group published approximately 400GB of data on the dark web. This data includes names, birth dates, NHS numbers, and descriptions of blood tests.
Additionally, financial documents were also exposed. Synnovis, with NHS and cybersecurity partners, is analyzing the published data to determine its origin and content. In a public statement, NHS England acknowledged the data leak and is working to verify its authenticity. Furthermore, Dr. Chris Streather, the Medical Director of NHS London, emphasized the significant impact on services and apologized to affected patients.