Hackers threaten to release terabytes of NHS Scotland data after ransomware attack

After successfully breaching NHS Dumfries and Galloway’s systems, the hacking group INC Ransom has issued a dire warning: they intend to expose confidential patient and staff data from NHS Scotland.

Should INC Ransom’s demands remain unmet, a staggering three terabytes of sensitive information could be unleashed. The group has already provided a ‘proof pack’ of private data as evidence, underscoring the severity of the threat.

The compromised data, as disclosed by INC Ransom, encompasses a plethora of private medical records, including patient names, addresses, dates of birth, test results, and correspondence between medical professionals regarding treatment options.

Despite concerted efforts by the Scottish Government, the National Security Centre, and Police Scotland, the hackers appear to have unhindered access to the data. There have been no updates on strategies to thwart the impending leak of private data.

In a response, NHS Dumfries and Galloway acknowledged that clinical data related to a limited number of patients has already been made public by the ransomware group. The breach followed a targeted cyberattack on the Board’s IT infrastructure, during which hackers gained access to a substantial volume of data, including patient and staff identifiable information.

Although the hacker group proclaimed the successful breach on March 26, NHS Dumfries and Galloway reported being under cyberattack on March 15, believed to be linked to the INC Ransom incident. Notably, the latest data from the breach dates back to 2019, with much of the documentation being several years old.

Hackers Threat

INC Ransom has been active in targeting numerous organizations since last year, consistently resorting to threats of leaking private data if their demands are not met. In a recent development on April 1, Leicester City Council also fell prey to an INC Ransom attack. The group claimed responsibility for a significant cybersecurity breach that allegedly extracted three terabytes of data from the local authority, resulting in extensive disruptions to council services.