Sensitive data stolen from an NHS provider in a cyber attack has apparently been published online.
NHS England says a criminal group claims it has released patient information hacked from Synnovis, which provides pathology services on blood tests.
Synnovis, which provides services primarily in southeast London, was the victim of a ransomware attack, understood to be carried out by Russian group Qilin, on 3 June.
In a statement on Friday morning, NHS England said: “NHS England has been made aware that the cyber criminal group published data last night which they are claiming belongs to Synnovis and was stolen as part of this attack.
“We understand that people may be concerned by this and we are continuing to work with Synnovis, the National Cyber Security Centre and other partners to determine the content of the published files as quickly as possible.
“This includes whether it is data extracted from the Synnovis system, and if so whether it relates to NHS patients.
“As more information becomes available through Synnovis’ full investigation, the NHS will continue to update patients and the public.”
The cyber criminal group shared almost 400GB of data – including patient names, dates of birth, NHS numbers and descriptions of blood tests – on their darknet site and Telegram channel, the BBC said.
Spreadsheets containing financial arrangements between hospitals and GP services and Synnovis were also published, the BBC reported.
Synnovis said in a statement on Friday morning: “We know how worrying this development may be for many people. We are taking it very seriously and an analysis of this data is already under way.”
More than 320 planned operations and 1,294 outpatient appointments were postponed at King’s College Hospital NHS Foundation Trust and Guy’s and St Thomas’ NHS Foundation Trust between 10 and 16 June, the second week after the attack.
Since the first week after the attack (3 to 9 June), the number of rearranged planned operations has gone down by 494, but a further 394 missed outpatient appointments have been logged.
So far, the data theft has led to more than 1,100 planned operations and 2,100 outpatient appointments to be postponed, according to NHS England London figures.
Urgent and emergency services have remained available as usual.
Keep up with all the latest news from the UK and around the world by following Sky News
Be the first to get Breaking News
Install the Sky News app for free
This breaking news story is being updated and more details will be published shortly.
Please refresh the page for the fullest version.
You can receive breaking news alerts on a smartphone or tablet via the Sky News app. You can also follow @SkyNews on X or subscribe to our YouTube channel to keep up with the latest news.