A criminal group known as Cl0p stole files from a Barts Health NHS Trust database <\/p>\n
Personal patient and staff information has been posted on the dark web after hackers exploited a software vulnerability at Barts Health NHS Trust.<\/strong><\/p>\n The criminal group, known as Cl0p, stole files from the trust\u2019s database in August 2025, including names, addresses, and invoices of patients and staff who had paid for treatment or services over several years.<\/p>\n It also included files relating to accounting services provided since April 2024 to Barking, Havering and Redbridge University Hospitals NHS Trust.<\/p>\n In a statement<\/a>, Barts Health said that its electronic patient record and clinical systems have not been affected by the attack and it is \u201cconfident\u201d that its core IT infrastructure is secure.<\/p>\n \u201cWe are taking urgent action and seeking a High Court order to ban the publication, use or sharing of this data by anyone.<\/p>\n \u201cThe syndicate exploited a loophole in the Oracle<\/a> E-business Suite software, which automates key business processes. This impacted many organisations across the world, and Oracle has since corrected the issue.<\/p>\n \u201cWe are working with NHS England, the National Cyber Security Centre, and the Metropolitan Police, and reported the breach to relevant regulators including the Information Commissioner\u2019s Office,\u201d the trust said.<\/p>\n It added that there was no indication that trust data was at risk until November when the files were posted online.<\/p>\n \u201cTo date no information has been published on the general internet, and the risk is limited to those able to access compressed files on the encrypted dark web,\u201d the trust said.<\/p>\n It added that it is \u201ctaking steps with our suppliers to ensure that it could not happen again\u201d.<\/p>\n Digital Health News contacted Oracle for comment.<\/p>\n Commenting on the incident, cyber security expert Saif Abed, founding partner at the AbedGraham Group, said: \u201cTrusts are overwhelmingly being compromised because of their vulnerable supply chains.<\/p>\n \u201cThis can yield access to highly valuable data to be traded by cybercrime gangs. Whether that\u2019s admin credentials to facilitate ransomware attacks or personal information to drive fraud and extortion, it can all be very lucrative.<\/p>\n \u201cThe NHS\u2019s track record of being successfully targeted time and time again, which is publicly known, makes it an obvious target.<\/p>\n \u201cThe fact that it is a part of national critical infrastructure makes it increasingly a geopolitical target too.\u201d<\/p>\n \u201cGovernment needs to enforce the UK Cyber Security and Resilience Bill<\/a> as soon as possible to make sure suppliers to the NHS are fit for purpose when it comes to cyber-resiliency.\u201d<\/p>\n Barts Health was previously affected by a cyber incident in July 2023, when it appeared on the dark web victim blog of Russian ransomware gang BlackCat<\/a>, which claimed to have stolen more than seven terabytes of sensitive data.<\/p>\n In November 2024, Barts Health rolled out<\/a> a healthcare-focused cyber security platform from Cynerio<\/a> across all of its sites to strengthen its defences against the threat of cyber attacks.<\/p>\n Meanwhile, pathology supplier Synnovis is contacting NHS organisations<\/a> which had data stolen and published online following a major cyber attack in June 2024, which led to a\u00a0patient death<\/a> and disrupted services<\/a> throughout London.<\/p>\n","protected":false},"excerpt":{"rendered":"A criminal group known as Cl0p stole files from a Barts Health NHS Trust database Personal patient and…\n","protected":false},"author":2,"featured_media":623070,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4316],"tags":[141,193668,13311,59672,15986,193669,105,4348,62152,9861,16,15],"class_list":{"0":"post-623069","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-healthcare","8":"tag-barking","9":"tag-barts-health-nhs-trust","10":"tag-cyber-attacks","11":"tag-epr","12":"tag-hacking","13":"tag-havering-and-redbridge-university-hospitals-nhs-trust","14":"tag-health","15":"tag-healthcare","16":"tag-national-cyber-security-centre","17":"tag-oracle","18":"tag-uk","19":"tag-united-kingdom"},"share_on_mastodon":{"url":"https:\/\/pubeurope.com\/@uk\/115692302702503860","error":""},"_links":{"self":[{"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/posts\/623069","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/comments?post=623069"}],"version-history":[{"count":0,"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/posts\/623069\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/media\/623070"}],"wp:attachment":[{"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/media?parent=623069"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/categories?post=623069"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/tags?post=623069"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}