The ransomware attack on Synnovis, a U.K. pathology services company, exposed sensitive patient data, including details on sexually transmitted infections and cancer cases, affecting over 900,000 individuals. Despite being nearly a year since the breach, patients have not been notified about the specifics of their compromised data. The incident significantly disrupted blood testing services across National Health Service (NHS) hospitals in London and continues to impact the data recovery process.
Keypoints:
- More than 11 months post-attack, patients have not been informed of the data exposed.
- The Qilin cybercrime group attacked Synnovis, causing disruptions in NHS services.
- Compromised data may include names, birth dates, NHS numbers, and sensitive medical details.
- Over 900,000 individuals potentially impacted, with significant data sensitivity related to STIs and cancer.
- Synnovisβs focus on restoring blood testing services hindered timely notification to affected patients.
- Legal requirements mandate informing individuals about breaches of sensitive data.
- Synnovis is in the final stages of an eDiscovery process to determine the extent of compromised data.
- Patients and NHS Trusts are awaiting updates on findings from Synnovis.
Read More: https://therecord.media/synnovis-health-data-breach-investigation-onging