Homerton Hospital data safe from Synnovis hack

Homerton Hospital. Photograph: courtesy the Homerton

Homerton Hospital today confirmed it was unaffected by an NHS cyberattack earlier this month, following reports alleging that stolen patient data from major London hospitals has been published online by Russian cyber criminals.

On Monday 3 June the private firm Synnovis, a pathology partnership between key London NHS trusts, was targeted by a ransomware attack by hacker group Qilin, disrupting healthcare services and leading to ongoing cancellations of hundreds of operations and appointments.

Homerton Hospital this morning told the Citizen that no patient data was compromised in the attack earlier this month as pathology information is owned and handled by the NHS trust partnership between Homerton and Bart’s Health.

The BBC today reported that the hackers shared nearly 400GB of this data, including patient names, dates of birth, NHS numbers and blood test details, on the dark web. It is unconfirmed whether blood test results were also shared.

A statement from NHS England on Friday morning said: “NHS England has been made aware that the cyber criminal group published data last night which they are claiming belongs to Synnovis and was stolen as part of this attack.

“We understand people may be concerned by this and we are continuing to work with Synnovis, the National Cyber Security Centre and other partners to determine the content of the published files as quickly as possible.”

The second week following the attack has seen more than 320 planned operations and 1,294 outpatient appointments postponed at King’s College hospital NHS Foundation Trust and Guy’s and St Thomas’ NHS Foundation Trust between 10 and 16 June.

The number of planned operations rearranged as a result fell by 494, but 394 outpatient appointments have been missed.