Jump to content
  • Sign Up
×
×
  • Create New...

Ransomware gang leaks data stolen from Scottish NHS board

Pelican Press

By Pelican Press,
in World News

 Share

Recommended Posts

  • Diamond Member
Pelican Press Warlord

Pelican Press 0

Posted
  • Diamond Member
Posted

Ransomware gang leaks data stolen from Scottish NHS board

The scope of a recent cyber incident at NHS Dumfries and Galloway, which initially came to light earlier in March 2024, may be on the verge of expanding to incorporate the wider Scottish health service, after a cyber ********* operation going by the name Inc Ransom claimed to be in possession of three terabytes of data purloined from

This is the hidden content, please
.

In a dark web posting, Inc Ransom claimed to have stolen data on over 140,000 clinical and back office staff working across the NHS in Scotland, and threatened to publish it “soon”. As is standard practice, it also posted a number of supposedly stolen items as proof. This small data dump is understood to include sensitive information including medical reports and letters to patients.

This is the hidden content, please
, which serves communities in south-western Scotland, first acknowledged it had fallen victim to a “focused and ongoing” cyber ******* on 15 March, and engaged at that point with various bodies including Police Scotland, the Scottish government and the ***’s National Cyber Security Centre (NCSC).

It said at the time there may be some disruption to frontline services, and noted the risk that its attackers may have stolen sensitive data.

In a new update, NHS Dumfries and Galloway said it was aware that clinical data relating to a “small number of patients” had been published following the ******* on its systems. “We absolutely deplore the release of confidential patient data as part of this ********* act,” said NHS Dumfries and Galloway CEO Jeff Ace. “This information has been released by hackers to evidence that this is in their possession … Patient-facing services continue to function effectively as normal.”

He said NHS Dumfries and Galloway will be reaching out to patients whose data is known to have been leaked, and that work is ongoing to limit any sharing of it.

“NHS Dumfries and Galloway is very acutely aware of the potential impact of this development on the patients whose data has been published, and the general anxiety which might result within our patient population,” said Ace.

Most attacked sector

According to

This is the hidden content, please
threat intelligence, healthcare is the third-most targeted industry by cyber ********** in the *** – despite the boasts of many ransomware gangs that they do not ******* such organisations, an evident lie.

It said that considering how disruptive cyber attacks can be to critical care services, successful breaches in the NHS are much more impactful than in other industries, meaning the health service’s various components need to be at the top of their game.

Check Point global chief information security officer (CISO) Deryck Mitchelson, who was NHS Scotland’s CISO until 2022 and also sits on Scotland’s

This is the hidden content, please
(NCRAB), said: “Healthcare is the perfect hunting ground for cyber **********. It has a vast ******* surface consisting of many disparate legacy and newer technologies and reliance on a large network of third-party suppliers. The scale and complexity of services makes it very difficult to detect a breach, such as this one, until data has been exfiltrated or encrypted and critical services are impacted.

“A holistic cyber security strategy is needed that removes complexity, reducing the number of security products and controls in place,” he said. “In addition to substantial cost savings, this would deliver enhanced real-time visibility and a layer of preventative security, reducing the likelihood of a similar *******. Without embracing such a change, I ***** we will continue to see major disruption to our most critical and vulnerable services.”

Inc Ransom

Inc Ransom is among a number of emergent ransomware operations that now seem to be filling the void left by recent law enforcement actions against the likes of ALPHV/BlackCat and LockBit. It first popped up in July 2023, and operates a standard double extortion practice – although it seems to shy away from the ransomware-as-a-service model for now. It’s a technically savvy operation, and like LockBit, enthusiastically leverages zero-day vulnerabilities.

Inc Ransom has tended to favour attacking organisations in the healthcare and education sectors, having named 20 victims so far in 2024.

Check Point researcher and software engineer Liad Dadash said the group’s claims to have attacked NHS Scotland were worth scrutiny.

“The cyber ******* publicly disclosed by Inc Ransom on 26 March is reported to be associated with an ongoing investigation at NHS Dumfries and Galloway,” he said. “What we know is that many of the documents held by the cyber ********** appear to be from the same region of origin, adding credibility to the ransomware group’s assertions.”



This is the hidden content, please

#Ransomware #gang #leaks #data #stolen #Scottish #NHS #board

This is the hidden content, please

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Vote for the server

    To vote for this server you must login.

    Jim Carrey Flirting GIF

  • Recently Browsing   0 members

    • No registered users viewing this page.

Important Information

Privacy Notice: We utilize cookies to optimize your browsing experience and analyze website traffic. By consenting, you acknowledge and agree to our Cookie Policy, ensuring your privacy preferences are respected.

  I accept