Alder Hey Children's Hospital investigates data breach claims
Ransomware gang threatens to leak data
A major cyberattack has hit Alder Hey Children's Hospital and Liverpool Heart and Chest Hospital NHS Foundation Trust, with a ransomware gang threatening to leak sensitive patient data.
The INC group, which is known for targeting healthcare organisations, has posted 11 screenshots on the dark web showing a sample of patient data. The data includes names, addresses and medical reports, as well as donation details and other financial documents.
The stolen data is believed to span from 2018 to 2024.
The Alder Hey Children's NHS Foundation Trust, which manages one of Europe's busiest paediatric hospitals, acknowledged the claims and confirmed it was working to determine the legitimacy of the leak.
"We are aware that data has been published online and shared via social media that purports to have been obtained illegally from systems shared by Alder Hey and Liverpool Heart and Chest Hospital NHS Foundation Trust,” Alder Hey said on Thursday.
“We are taking this issue very seriously and are working with the National Crime Agency (NCA) as well as partner organisations to secure our systems and to take further steps in line with law enforcement advice as well as our statutory duties relating to patient data."
The hospital assured the public that its services were operating as normal, urging patients to attend their appointments as scheduled.
The NCA and the National Cyber Security Centre are working closely with Alder Hey and Liverpool Heart and Chest Hospital to investigate the breach and mitigate its impact.
An NCA spokesperson confirmed the agency's involvement.
"We are aware of an incident affecting Alder Hey Children's Hospital and the Liverpool Heart and Chest Hospital. NCA officers are working alongside the National Cyber Security Centre and the hospital trusts to understand its impact," the agency said.
It has been a difficult year for the NHS, with multiple trusts affected by cybersecurity incidents.
Most recently, a cyberattack disrupted services at Wirral University Teaching Hospital NHS Trust.
The incident at Wirral, which was detected on the 25th November, has resulted in widespread system outages, forcing staff to resort to pen-and-paper methods, disrupting critical services and impacting patient care.
In June, a ransomware attack on Synnovis, a pathology services provider, led to the cancellation of thousands of appointments and procedures. The impact of the attack was far-reaching, particularly for blood donation services, as critical systems for blood matching were disrupted.
As for INC Ransom, in March the group claimed responsibility for the attack on NHS Dumfries and Galloway Health Board in Scotland, boasting possession of three terabytes of data obtained from board.
The increasing frequency of attacks against the NHS highlights the service’s fragility.