Thousands of NHS patient test results stolen in cyber attack
One of England’s largest hospital trusts, Mid and South Essex NHS Foundation Trust, has confirmed that thousands of patient test results were stolen in a cyber attack affecting healthcare data in 2024.
The trust said the breach involved 2,380 records and impacted diagnostic information processed by a third-party provider, News.Az reports, citing BBC.
The stolen data was taken from systems operated by Synnovis, a testing provider that processes blood, urine and tissue samples for several NHS organisations, including hospitals in Chelmsford, Basildon and Southend. The trust said it was notified of the breach in December and has begun contacting affected patients.
RECOMMENDED STORIES
Synnovis confirmed that the data was later published on the dark web, although it said there was no evidence it had been used maliciously and described the theft as disorganised. The company said all affected NHS trusts had been informed, while individual hospitals remain responsible for patient notification.
The breach is part of a wider cyber attack first identified in June 2024 that also affected multiple London hospitals. Another NHS trust recently disclosed that nearly 33,000 of its patients were impacted.
A Russia-based cybercriminal group known as Qilin has previously claimed responsibility for the attack. The stolen information may include names, dates of birth, NHS numbers and medical test results.
Mid and South Essex NHS Foundation Trust said it has since strengthened its cyber security systems with expert support and continues to investigate the scope of the incident, as it works to confirm the exact number of affected patients.
By Leyla Şirinova
Similar news
