- Barts Health NHS Trust confirmed that Cl0p ransomware exploited Oracle E-Business Suite and stole invoice-related data
- Information exposed includes names, addresses and records of patients and former staff.
- Trust says systems remain secure and seeks High Court order to block data use
Barts Health NHS Trust is the latest organization to confirm that it has suffered a ransomware attack via the Oracle E-Business Suite vulnerability.
In a data breach notification letter published late last week, the organization said the infamous Cl0p ransomware group used the E-Business Suite bug in August to breach IT infrastructure and access a database “containing invoices.”
The breach was not detected until recently, when Cl0p posted the stolen data on the dark web. That data, according to the Trust, includes people’s names and addresses, as well as data “relating to accounting services provided since April 2024 to Barking, Havering and Redbridge University Hospitals NHS Trust.”
urgent action
Patients and former staff members appear to be among those affected, but it is not yet known exactly how many people have had their data stolen. Barts says its electronic patient record and clinical systems were not affected, “and we are confident that our core IT infrastructure is secure.”
Still, he urges everyone to be careful with incoming emails and instant messages. The information stolen in the breach cannot be used to cause direct harm, but it can be used to personalize convincing phishing emails, trick victims into sharing passwords with attackers, make payments, or even as leverage for identity theft.
The data has not yet been disseminated on clearweb, the Trust says, adding that it has taken “urgent action”, seeking an order from the High Court to prohibit the publication, use or sharing of this data. However, we are not sure how important such an order would be to cybercriminals.
“We are working with NHS England, the National Cyber Security Center and the Metropolitan Police, and have reported the breach to relevant regulators, including the Information Commissioner’s Office,” the notice reads.
“We are very sorry this happened and we are taking action with our suppliers to ensure it does not happen again.”
Through cyber news
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds. Be sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp also.
