Barts Health NHS Trust, the largest NHS trust in the UK, is currently conducting an urgent investigation into a ransomware attack as the country’s public sector faces a surge in cyberattacks. The trust, responsible for five major hospitals and serving over 2.5 million patients, recently appeared on the dark web leak site of the ALPHV ransomware gang, also known as BlackCat.
The gang claims to have executed the largest healthcare data breach in the UK, compromising a staggering 70 terabytes of sensitive information. The stolen data includes passports, driver’s licenses, and internal emails labeled “confidential”.
ALPHV demanded a response from Barts Health and threatened to publish the compromised data if they didn’t.
“You have 3 days for contact with us to decide this pity mistake which made your IT department, decide what to do in next step,” the gang said. “If you prefer to keep silence, we will start publicate data, most of it – citizens confidential documents [sic],” ALPHV said.
This incident marks the second breach of NHS data in recent weeks. In June, a ransomware attack on the University of Manchester resulted in unauthorized access to an NHS dataset containing information on 1.1 million patients across 200 hospitals. The breached data includes NHS numbers and the first three letters of patients’ postcodes.
ALPHV, also known as BlackCat, is a long-established Russian-speaking cybercriminal group. Previously known for their Carbanak malware targeting banks, the group transitioned to ransomware attacks and gained notoriety in early 2022 by targeting fuel and transport infrastructure operators. Recent victims include storage firm Western Digital and multinational payment giant NCR.
As cyberattacks continue to threaten critical infrastructure, it becomes increasingly crucial for organizations and institutions to strengthen their cybersecurity measures and remain vigilant against evolving threats.