Barts Health NHS Trust, which runs five London-based hospitals and serves more than 2.5 million patients, was recently added to the dark web leak site of the Russian speaking ALPHV ransomware gang.
The gang, also known as BlackCat, says it has stolen 70 terabytes of sensitive data in what it claims is the biggest breach of healthcare data in the United Kingdom. Samples of the allegedly stolen data include employee identification documents, including passports and driver licenses, and internal emails labeled "confidential."
The damage caused by the latest incident isn’t yet clear. ALPHV is known to deploy ransomware, a kind of malicious software that encrypts a victim’s computers and renders them inoperable. It then demands payment to unlock the computers and threatens to publish stolen data. Increasingly, however, hacking gangs are forgoing ransomware and just stealing data, then threatening to publish it online unless they are paid.
A Barts Health spokesperson did not dispute that it was affected by a security incident that involved the exfiltration of data, nor did they dispute the legitimacy of the stolen data samples shared by ALPHV.
"We are aware of claims of a ransomware attack and are urgently investigating," the spokesperson, said.
The Information Commissioner’s Office, the regulatory body that oversees data privacy in the UK, confirmed it had received a report of a data breach from Barts and added that it was assessing the matter.