LONDON – An investigation into a ransomware attack earlier this month on London hospitals by Russian group Qilin could take weeks to complete, the country’s state-run National Health Service said on Friday, as concerns grow over the leak. patient record data.
Hundreds of operations and appointments are still being canceled more than two weeks later the June 3 attack on NHS provider Synnoviswhich provides pathology services mainly in South East London.
The attack affected King’s College and Guy’s and St Thomas’ Hospitals, which run several hospitals in south London, as well as clinics and doctors’ surgeries in a part of the city. A memo to staff called it a “critical incident” and said it had a “major impact” on services, especially blood transfusions.
NHS England said on Friday it had been “informed” that data relating to the attack had been published online. According to the BBC, Qilin shared nearly 400 GB of data, including patient names, birth dates and blood test descriptions, on his darknet website and Telegram channel.
“The National Crime Agency and the National Cyber Security Center are working to verify the data included in the published files as quickly as possible,” NHS England said in a statement. “These files are not simple uploads and, therefore, investigations of this nature are highly complex. and could take weeks, if not longer, to complete.”
According to Saturday’s edition of the Guardian newspaper, records covering 300 million patient interactions were stolen during the attack, including blood test results for HIV and cancer.
A website and helpline have been set up for affected patients.
“We understand the distress this will cause to patients who will have to repeat the test,” NHS England said.
The National Crime Agency confirmed it was leading the criminal investigation but said it could not comment further.
Ransomware it involves criminals paralyzing computer systems with malware and demanding money to release them. Ransomware is the most costly and disruptive form of cybercrime, affecting local governments, judicial systems, hospitals and schools, as well as businesses. It is difficult to combat because most gangs are based in former Soviet states and beyond the reach of Western justice.
Britain’s state-funded healthcare system has been hit before, including during a 2017 ransomware attack that froze computers in hospitals across the country, closing wards, shuttering emergency rooms and halting treatment.
Qilin, also known as Agenda, advertises on dark web cybercrime forums and rents malware to affiliates who use it to carry out attacks for a percentage of ransom payments, said Louise Ferrett of Searchlight Cyber, a threat intelligence company. The group listed more than 100 victims.
This story originally appeared on ABCNews.go.com read the full story
