Fresh NHS Cyber Attack Reveals Over a Million Patient Records Compromised
Mike Sanders / 7 years ago
NHS Security Under Scrutiny Again!
NHS security procedures have been under a lot of pressure in recent months and it appears that they have not learnt their lesson. Reports are suggesting that another major data breach has occurred which has compromised the personal data of 1.2 million NHS patients in the UK.
This isn’t news, this is that WannaCry business!
Amazingly, no. This is a completely fresh attack. Isn’t that comforting? One of the most major handlers of our personal data has seen a potential 2nd major data in less than 3 months. We wrote rather extensively on it when the original attack was announced and was amazed at the time at just how easy the attack had been.
The hacker, purporting to operate as part of the Anonymous hacking group, has claimed he successfully breached the security of the NHS appointment booking system reports the Sun.
While Anonymous themselves have not officially commented on the attack, an unofficial source, claiming to be part of the group, has said: “I think the public has a right to know how big companies… …handle your data”.
The announcement that Windows 10 wasn’t immune to Wannacry, despite assurances, was not good news. This 2nd breach of the NHS is shocking and actually, quite scandalous.
How did this happen and has this affected me?
If you live in the UK and use the NHS, then yes, there is a highly distinct possibility. The hack apparently occurred by an exploit found in a 3rd party contractors software. The exploit allowed the hacker to successfully gain access to the NHS appointment booking system and an apparent gateway to at least 1.2 million persons worth of data.
Details on the previous Wannacry attack suggested that the attack came from Asia, likely China. This fresh attack, however, would appear to be much closer to home.
Fortunately, the hacker does seem to suggest that they only did it as an exercise of sorts. Wishing to prove that the security system was still incredibly vulnerable with no apparent malicious intent. Another plus side is that the data compromised is not your medical records. Good news I guess? However, your name, date of birth, phone number and general personal details may have been compromised.
The NHS has seemingly confirmed the attack. In a statement, they have said that any patients affected will be contacted to make them aware. Well, that makes it alright then I suppose *sigh*.