NHS trusts had information stolen in the latest cyberattack on the UK health service, experts have told Sky News, with concerns raised that patient data might be vulnerable in such incidents.
University College London Hospitals NHS Foundation Trust and University Hospital Southampton NHS Foundation Trust have been named as those exposed via a recently discovered exploit.
Cody Barrow is the chief executive of EclecticIQ and previously worked at the Pentagon, US Cyber Command and the NSA. The firm analyses cyberattacks and uncovered the extent of this incident.
He told Sky News such attacks raise the “potential for unauthorised access to highly sensitive patient records”.
Analysts at EclecticIQ have identified victims of the hack spanning agencies and businesses across Scandinavia, the UK, US, Germany, Ireland, South Korea and Japan.
Sky News has been shown evidence of the trusts in the UK being accessed maliciously.
Rather than a ransomware attack, data was taken clandestinely after hackers exploited holes in software.
In this case, the vulnerability was in a piece of software called Ivanti Endpoint Manager Mobile (EPMM) – a programme that helps businesses manage employee phones.
Source: Sky News