According to Barts Health, the Cl0p ransomware gang accessed files from a database containing invoices and subsequently posted them on the dark web. These compromised invoices contained personal details of patients, specifically the names and addresses of those responsible for payment for treatment or services received at a Barts Health hospital over a period of several years. Patients who wish to determine what personal information is at risk are advised by Barts Health to review the invoices they were issued following their treatment.
Former employees were also among those impacted, specifically those who had left the trust with outstanding issues related to salary sacrifice or overpayment. Furthermore, suppliers who provided goods or services to the trust were affected, as they were listed in nearly half of the files potentially compromised in the breach.
The list of victims additionally includes Barking, Havering, and Redbridge University Hospitals NHS Trust. This is due to accounting services Barts Health has provided to them since April 2024. Barts Health is actively collaborating with the other trust to reduce potential harm. Barts Health asserts that its core internal systems remain secure and that electronic patient records were not accessed or compromised.
GET 50% Discount for VPN/ANTIVIRUS SOFTWARE AT 911Cyber - CODE: bit5025
This notification is linked to a breach where the Cl0p ransomware group exploited a vulnerability within the Oracle E-business Suite software, an incident that impacted numerous companies, many of whom were unaware of the zero-day exploit for months. Although the initial data theft occurred in August, Barts Health did not become aware that its data had been compromised until November, when the stolen files were discovered on the dark web. The trust has stated that to date, no information has been published on the general internet, meaning the risk is confined to those who can access compressed files on the encrypted dark web.
Although the stolen details cannot be used directly by criminals to access bank accounts, they can be utilized for scamming purposes. Threat actors may attempt to use this information to convince individuals to disclose additional private information or to make unauthorized payments. Barts Health is currently pursuing legal action to obtain a ban on the further publication, use, or sharing of this compromised data. Barts Health has issued an apology for the incident and has stated that it is implementing measures with its suppliers to ensure that a similar event will not occur again.
Source: Cl0p Ransomware Steals Patient And Staff Invoice Data At Barts Health Trust