CyberCrimeSecurity

Patient Data Safe After Barts NHS Health Cyber Attack

Sam Pudwell joined Silicon UK as a reporter in December 2016. As well as being the resident Cloud aficionado, he covers areas such as cyber security, government IT and sports technology, with the aim of going to as many events as possible.

An unknown Trojan malware was responsible for the attack, but failed to access patient data

Barts Health, England’s largest NHS trust which operates four hospitals in London, was hit by a cyber attack on Friday that potentially left thousands of patient files at risk.

The organisation immediately took a number of systems offline as a “precautionary measure” and warned staff not to open email attachments from unknown senders.

Now, after carrying out an investigation into the incident, Barts has identified the source of the attack and confirmed that no patient data was accessed by the hackers.

malware

All systems go

In a statement on its website, it says: “On Friday 13 January 2017 Barts Health discovered and took immediate steps to contain a virus in the Trust’s computers. The virus has been quarantined, and all major clinical systems are now up and running.  No patient data was affected, there was no unauthorised access to medical records, and our anti-virus protection has now been updated to prevent any recurrence.

“In addition to the Trust’s core clinical system Cerner Millennium, Radiology and imaging from X-rays and scans continue to be used. The computerised pathology results service is now back online and processing requests as normal – it may take a day or so to deal with the backlog that built up during the short period when we processed requests manually.”

Barts had previously ruled out ransomware as the culprit and confirmed that the attack was actually caused by a never-before-seen Trojan malware which “had the potential to do significant damage to computer network files.”

However, the organisation was able to successfully contain the virus and protect sensitive data from being accessed.

The healthcare industry is being targeted more and more by cyber criminals, as budget constraints and the use of outdated operating systems are leaving organisations such as NHS trusts vulnerable to attack.

For example, towards the end of last year a virus infection forced the Northern Lincolnshire and Goole NHS Foundations Trust to shut down its entire IT network and a recent study found that hospitals were increasingly being targeted by ransomware in 2016.

Quiz: Are you a cyber security pro?