Skip to content

400GB of stolen Synnovis data published following cyberattack

  • by
  • 3 min read

Qilin cybercriminal gang has published nearly 400GB of sensitive data stolen from the NHS blood testing company Synnovis. The data breach includes patient information and financial records of healthcare data and the impact of ransomware attacks on essential services.

The Qilin gang, known for its ransomware activities, infiltrated Synnovis’ systems on June 3. Encrypting vital information and rendering IT systems inoperable, the gang demanded a ransom of $50 million in exchange for decrypting the files.

Following the attack, the group attempted to extort Synnovis, demanding a ransom in Bitcoin. Despite threats to release the data, Synnovis did not comply with the ransom demands, leading to the publication of the stolen data on the darknet overnight on Thursday, reports BBC.

The leaked data includes sensitive patient information such as names, dates of birth, NHS numbers, and descriptions of blood tests. Additionally, the breach encompasses business account spreadsheets detailing financial arrangements between hospitals, GP services, and Synnovis. It remains unclear whether actual blood test results were included in the leak.

NHS England and Synnovis have acknowledged the beach and are working with the National Cyber Security Centre and other partners to determine the extent of the compromised data.

A spokesperson for NHS England stated, “We understand that people may be concerned by this, and we are continuing to work with Synnovis and other partners to determine the content of the published files as quickly as possible.”

Qilin gang has been known to target hospitals, schools and other public service institutions. | Photo by Pixabay

The cyberattack has been one of the most severe in the UK, affecting over 1,000 hospital and GP appointments and operations due to disruptions in pathology services. The incident underscores the vulnerability of healthcare systems to cyber threats and the potentially devasting impact on patient care.

Qilin, which has a history of extortion attempts, claimed the attack on Synnovis was motivated by political protest. It criticised the UK government for its lack of support in an unspecified conflict.

The group stated, “We are very sorry for the people who suffered because of it. We don’t consider ourselves guilty, and we ask you not to blame us in this situation. Blame your government.”

Recently, the Qilin group targeted two US entities: St. Vincent de Paul Catholic School and North Cottage Program, Inc.

The Qilin gang is suspected of operating out of Russia, where a lack of collaboration between Russian authorities and Western law enforcement hinders efforts to capture the criminals.

This geopolitical issue exacerbates the challenges in addressing ransomware attacks and securing critical infrastructure against cyber threats.

In the News: YouTube starts cancelling Premium plans bought via VPN

Kumar Hemant

Kumar Hemant

Deputy Editor at Candid.Technology. Hemant writes at the intersection of tech and culture and has a keen interest in science, social issues and international relations. You can contact him here: