News > Cyber-Attacks > Ransomware
by kevin wood

Terrabytes stolen in latest ransmoware attack in uk

second attack on the nhs in a matter of weeks

Barts Health NHS trust, the largest NHS Trust in the UK that runs five London-based hospitals and services more than 2.5 million patients, recently disclosed that they were the victim of a ransomware attack.  The group behind this, known as “BlackCat”, released some of their data on the ALPHV ransomware gang site, after having given Barts Health 3 days to comply with a ransomware payment.

When payment was not received, the group, “BlackCat”, released more of the 70 terabytes of data online for anyone to see.  As part of our investigation, we were able to see some of the stolen data that included passports and drivers licenses of employees as well as data that was marked as “confidential”.

As mentioned, this is the second event in just a few weeks.  In June, a ransomware attack on the University of Manchester saw hackers access data for over 1.1 million patients through 200 hospitals.  The data was less confidential as the most recent breach but still significant enough to warrant a thorough investigation.  A spokesperson for the University declined to make any comments on the stolen data but did confirm the university had a security incident.

As with any major breach of this kind, the National Cyber Security Centre in the UK is investigating the incident.  It’s unclear whether or not any ransom amounts were paid in either ransomware attack.  What’s clear is that the public sector in the UK has taken quite a few hits in the last few years, cementing the fact that hackers are here to stay and are only becoming more vigilant.

One of the largest ongoing cyber incidents impacting the U.K. public sector resulted from a May ransomware attack on Capita, a British outsourcing giant that provides critical services for the U.K. government.  Additionally, Ofcom, the communications regular in the UK, confirmed they were part of a group of organizations that were compromised by the “Clop” ransomware gang.

As a result of the attack, which was claimed by the Black Basta ransomware group, more than 90 organizations reported breaches of personal information. This included the Universities Superannuation Scheme (USS), the U.K.’s largest private pension provider, which said that the personal details of almost half a million members were held on servers accessed during the breach.

Last week, Capita confirmed that its own pension fund was also impacted by the cyberattack. In a letter shared with The Times, Capita told its staff members — three months after the breach — that it had “identified evidence that the following personal data relating to you is within the data compromised and/or copied from Capita’s systems.”

With more and more attacks on the rise, it’s imperative to have a solution in place that not only can backup your IT environment but also ensure that you’re able to get back online rather quickly.  With BBG’s proprietary hardware and software, we’re able to provide reliable backup services along with a recovery platform that can have you back up and running within the hour. 

No more manually having to start up servers and make sure they’re running before moving onto the next.  Our Orchestration Toolkit let’s you configure a start up plan and then when you’re ready to execute that (for example, during a cyber attack), simply click the button to start the process and sit back and relax as it does all the work.

“Capita continues to work closely with specialist advisers and forensic experts to investigate the incident and we have taken extensive steps to recover and secure the data.”

-Capita spokesperson