- Barts Health NHS Trust confirmed Cl0p ransomware exploited Oracle E-Business Suite, stealing invoice-related data
- Exposed info includes names, addresses, and patient and former staff records
- Trust says systems remain secure, seeks High Court order to block data use
Barts Health NHS Trust is the latest organization to confirm it has suffered a ransomware attack through the Oracle E-Business Suite vulnerability.
In a data breach notification letter posted late last week, the organization said that the infamous ransomware group Cl0p used the E-Business Suite bug in August to breach IT infrastructure and access a database “containing invoices”.
The breach wasn’t spotted until recently, when Cl0p published the stolen data on the dark web. That data, according to the Trust, includes people’s names and addresses, as well as data “relating to accounting services provided since April 2024 to Barking, Havering and Redbridge University Hospitals NHS Trust”.
Urgent action
Patients, and former staff members, seem to be among those affected, but it's not yet known exactly how many individuals have had their data stolen. Barts says its electronic patient record and clinical systems were not affected, “and we are confident our core IT infrastructure is secure.”
Still, it urges everyone to be wary of incoming emails and instant messages. The information stolen in the breach cannot be used to cause direct damage, but it can be used to tailor convincing phishing emails, tricking victims into sharing passwords with the attackers, making payments - or even as leverage for identity theft.
The data has not yet spilled into the clearweb, the Trust says, adding that it has taken “urgent action”, seeking a High Court order to ban the publication, use, or sharing of this data. We’re not sure how important such an order would be to cybercriminals, though.
“We are working with NHS England, the National Cyber Security Centre, and the Metropolitan Police, and reported the breach to relevant regulators including the Information Commissioner's Office,” the notification reads.
“We are very sorry that this has happened and are taking steps with our suppliers to ensure that it could not happen again.”
Via Cybernews
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
