Patient and staff data impacted by Cl0p ransomware attack on Barts Health NHS

News
By published

Barts Health was hit through Oracle E-Business Suite

A person in a medical practice typing on a laptop.
(Image credit: Pixabay)
  • Barts Health NHS Trust confirmed Cl0p ransomware exploited Oracle E-Business Suite, stealing invoice-related data
  • Exposed info includes names, addresses, and patient and former staff records
  • Trust says systems remain secure, seeks High Court order to block data use

Barts Health NHS Trust is the latest organization to confirm it has suffered a ransomware attack through the Oracle E-Business Suite vulnerability.

In a data breach notification letter posted late last week, the organization said that the infamous ransomware group Cl0p used the E-Business Suite bug in August to breach IT infrastructure and access a database “containing invoices”.

The breach wasn’t spotted until recently, when Cl0p published the stolen data on the dark web. That data, according to the Trust, includes people’s names and addresses, as well as data “relating to accounting services provided since April 2024 to Barking, Havering and Redbridge University Hospitals NHS Trust”.

Catch the price drop- Get 30% OFF for Enterprise and Business plans

Catch the price drop- Get 30% OFF for Enterprise and Business plans

The Black Friday campaign offers 30% off for Enterprise and Business plans for a 1- or 2-year subscription. It’s valid until December 10th, 2025. Customers must enter the promo code BLACKB2B-30 at checkout to redeem the offer.

View Deal

Urgent action

Patients, and former staff members, seem to be among those affected, but it's not yet known exactly how many individuals have had their data stolen. Barts says its electronic patient record and clinical systems were not affected, “and we are confident our core IT infrastructure is secure.”

Still, it urges everyone to be wary of incoming emails and instant messages. The information stolen in the breach cannot be used to cause direct damage, but it can be used to tailor convincing phishing emails, tricking victims into sharing passwords with the attackers, making payments - or even as leverage for identity theft.

The data has not yet spilled into the clearweb, the Trust says, adding that it has taken “urgent action”, seeking a High Court order to ban the publication, use, or sharing of this data. We’re not sure how important such an order would be to cybercriminals, though.

“We are working with NHS England, the National Cyber Security Centre, and the Metropolitan Police, and reported the breach to relevant regulators including the Information Commissioner's Office,” the notification reads.

“We are very sorry that this has happened and are taking steps with our suppliers to ensure that it could not happen again.”

Via Cybernews

Best antivirus software header
The best antivirus for all budgets

➡️ Read our full guide to the best antivirus
1. Best overall:
Bitdefender Total Security
2. Best for families:
Norton 360 with LifeLock
3. Best for mobile:
McAfee Mobile Security

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.