- Barts Health NHS Trust is seeking a High Court order to legally prevent the Cl0p gang from publishing stolen patient and staff financial data.
- The data breach resulted from a now-fixed flaw in Oracle business software, compromising names and addresses of individuals who owed the trust for treatment or services.
- Clinical systems and electronic patient records were not affected, and the stolen files are currently only on the encrypted dark web.

A major London hospital group is taking a radical step against cyber criminals. It is going to court to try to stop stolen data from being published.
This follows a serious breach involving patient payment details. The trust says its core medical systems remain secure.
Legal Action to Block Data Publication
Barts Health NHS Trust is making a bold move. It is initiating legal action against the criminal gang Cl0p. The goal is to get a High Court order to ban them from publishing, using, or sharing stolen data.
Hackers stole the data in August by exploiting a loophole in Oracle’s E-Business Suite software through a “mass-exploitation” attack. Oracle has since corrected this issue.
Someone posted the stolen files on the dark web in November. This revealed the extent of the breach. The database contained invoices with names and addresses.
This info belonged to people liable to pay for treatment at Barts hospitals over several years. The list also included some former staff who owed money for salary overpayments.
“These details do not allow direct access to your accounts,” the trust stated. “Criminals could use them to trick you into sharing sensitive information or making payments.”
Scope of the Breach and Contained Risk
The trust emphasizes that the breach affected only a limited area and confirms that no one accessed its electronic patient records or clinical systems. It is “confident” its core IT infrastructure is secure.
Almost half the compromised files list supplier details. That information is already in the public domain. The database also had accounting files for another NHS trust Barts provides services to.
So far, no one has posted the information on the general internet. The risk is currently limited to those who have access to compressed files on the encrypted dark web.
“We are very sorry that this has happened,” the trust said. It is working with the National Cyber Security Centre and police. It has also reported the breach to the Information Commissioner’s Office.
Implications of the Stolen Data and Legal Fight
Sure, the stolen data isn’t medical, but it’s still dangerous. With names, addresses, and invoice info in hand, scammers can whip up pretty believable phishing attacks. They will use fake payment requests to target people and even ask for more sensitive personal info. It’s the kind of thing that tricks people all the time.
The legal action itself is a notable escalation in how organizations respond to cyberattacks. Instead of just investigating and reinforcing defenses, Barts is proactively using the courts. This seeks to create a legal barrier against the misuse of the data.
It represents a direct challenge to the criminals’ ability to profit from their theft. Their business model relies on the secrecy and illicit economy of the dark web, a hidden layer of the internet fraught with specific risks.