Ransomware gang Qilin has published 380GB of sensitive patient data. The data originated from Synnovis, a pathology service that works with the UK’s National Health Service. The NHS is launching a helpline to answer questions from customers and staff.
According to The Guardian, Qilin stole 300 million patient-related documents during the June 3 hack. The stolen files included blood test results, blood transfusions, cancer and STI tests, and information relating to organ transplants. The amount is so large because records were obtained from tests that patients underwent “a considerable number of years” ago.
It is not clear whether Qilin leaked all of the stolen data. Publishing these files is usually a sign that the victim has refused to pay a ransom to unlock encrypted IT systems and delete the stolen data. Qilin reportedly demanded a $50 million ransom from Synnovis.
In addition to the stolen data, the hack has also impacted the operations of several hospitals and doctors' surgeries in London, as several IT systems have been taken offline. NHS England reports more than 1,000 cancelled operations and 2,000 postponed appointments.