Ransomware group says it will leak NHS data unless demands met
HACKERS have threatened to release huge amounts of stolen NHS Scotland patient and staff data, according to reports.
Reports emerged yesterday of a post by the ransomware group INC Ransom on its dark web blog, alleging it was in possession of three terabytes of data from NHS Scotland.
The group posted several letters and medical reports – including names and addresses of patients – to prove the breach according to the Defence Journal, and say the rest will be published “soon” if their demands aren’t met.
However, a specific deadline wasn’t offered.
It came soon after NHS Dumfries and Galloway was hit by a cyber attack on March 15, with the health board saying a “significant quantity” of data was put at risk and services would potentially be disrupted.
NHS Dumfries and Galloway CEO Jeff Ace offered an update, confirming that the group is in possession of a “small number” of patients’ data.
In a statement posted to its website, he said: “We absolutely deplore the release of confidential patient data as part of this criminal act.
“This information has been released by hackers to evidence that this is in their possession.
“We are continuing to work with Police Scotland, the National Cyber Security Centre, the Scottish Government and other agencies in response to this developing situation.
“Patient-facing services continue to function effectively as normal.
“As part of this response, we will be making contact with any patients whose data has been leaked at this point.
“NHS Dumfries and Galloway is very acutely aware of the potential impact of this development on the patients whose data has been published, and the general anxiety which might result within our patient population.”
A Police Scotland spokesperson said: “Enquiries are ongoing.”