Health data from UK Biobank spotted for sale in China – Government confirms medical info from 500,000 participants involved

News
By published

The data is anonymous, so there is no risk of follow-up cyberattacks

Malware attack virus alert , malicious software infection , cyber security awareness training to protect business
(Image credit: Shutterstock)
  • Medical data from 500,000 UK Biobank volunteers was improperly listed for sale on Alibaba by rogue researchers.
  • The archive contained anonymized health information used in thousands of scientific studies, but no personal identifiers like names or addresses.
  • Access for the institutions involved has been revoked, and officials confirmed the listing was removed before any purchase occurred.

Medical information of half a million UK citizens ended up for sale on none other than Alibaba, after “rogue researchers” put it there.

Between 2006 and 2010, an independent, non-profit research organization called UK Biobank collected health data from 500,000 volunteers in the UK. Supported by bodies like the UK Medical Research Council, Wellcome Trust, and National Health Service, and with the goal of enabling large-scale health research, the project collected anonymous information such as gender, age, month and year of birth, socioeconomic status, lifestyle habits, and measures from different biological samples.

According to the BBC, the UK Biobank project resulted in more than 18,000 scientific publications and has been used to improve the detection and treatment of dementia, certain cancers, and Parkinson’s. The volunteers were aged 40 - 69 at the time the data was collected.

Article continues below

Legitimate download

Earlier today, news broke that someone tried to sell the entire database on Alibaba, one of the largest online e-marketplaces in China, and the world. This was confirmed by the UK’s technology minister, Ian Murray, who confirmed that personally identifiable information, such as names, addresses, emails, or phone numbers, were not leaked. "This was a legitimate download by a legitimately accredited organization," he said. "That is the problem that's been identified."

Chief Executive Professor Sir Rory Collins also commented, saying that the data was available to researchers at three institutions, and that Alibaba removed it in the meantime. The institutions, which were not named, have had their access revoked, Sir Rory confirmed.

Murray said that no one bought the archive before it was pulled offline. Speaking to the BBC, UK Biobank's chief scientist Prof Naomi Allen said that "ultimately it's the fault of these rogue researchers".

Usually, when cybercriminals obtain such databases, they offer to sell it on the dark web, not a legitimate website like Alibaba, which makes this incident all the more curious.

Via BBC

Best antivirus software header
The best antivirus for all budgets

➡️ Read our full guide to the best antivirus
1. Best overall:
Bitdefender Total Security
2. Best for families:
Norton 360 with LifeLock
3. Best for mobile:
McAfee Mobile Security

Google logo on a black background next to text reading 'Click to follow TechRadar'

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.