Qilin, a Russian-speaking ransomware criminal gang, has released private information stolen from Synnovis, a blood testing provider for the National Health Service (NHS) in the United Kingdom. This is the same group of hackers wreaking havoc on many hospitals in London.
Qilin Blackmailing Synnovis
Qilin began attempting to blackmail Synnovis earlier this month, as reported by The Guardian. The gang had threatened to release the information unless payment was made.
On Thursday night, June 20, they uploaded around 400 GB of sensitive data to their darknet website and Telegram channel, according to BBC.
The information contains details about blood tests, patients' names and dates of birth, NHS numbers, and more. It is unknown whether the data also includes test findings.
Additional business account spreadsheets describing monetary agreements between Synnovis, general practitioners, and hospitals have also been made public.
READ NEXT : Change Healthcare Begins Notifying Customers of Potential Patient Data Exposure in Cyberattack
Synnovis Breach Aftermath
Being one of the worst cyberattacks in UK history, the aftermath of the Synnovis breach disrupted pathology services and impacted over a thousand patient appointments and general practitioner visits. Two London NHS trusts had their computer systems compromised by ransomware hackers, who encrypted critical data and rendered the systems inoperable.
The criminals continued their strategy of extorting the firm for Bitcoin ransom by downloading as much confidential data as possible, as is typical for such cyber criminals. However, it is unclear whether Synnovis engaged in discussions or how much money the hackers requested from the firm.
Worldwide law enforcement organizations consistently warn ransomware victims against paying the ransom since doing so supports the criminal industry and provides no assurance that the hackers will do as they promise.
The healthcare industry is a prime target for ransomware attacks, according to ransomware expert Brett Callow of Emsisoft. Hackers seemed to be targeting the sector because they may inflict significant damage and, sometimes, reap substantial profits.
Join the Conversation