Concerns are mounting over patient data security after a recent cyber intrusion compromised information from several NHS trusts. According to reporting by Sky News, University College London Hospitals NHS Foundation Trust and University Hospital Southampton NHS Foundation Trust were affected after their systems were breached by exploiting a newly discovered vulnerability in software.<\/p>\n\n\n\n
NHS England has confirmed it is closely monitoring the situation, with the National Cybersecurity Centre (NCSC) taking the lead in defence efforts. <\/p>\n\n\n\n
Analysts at EclecticIQ, a threat intelligence technology provider, have tracked the impact of the hack across multiple countries, including the UK, the US, and Germany. <\/p>\n\n\n\n
EclecticIQ CEO, Cody Barrow, said: “Such attacks raise the potential for unauthorised access to highly sensitive patient records. This situation represents another urgent wake-up call for the NHS. With threat actors actively exploiting these vulnerabilities, we\u2019re not looking at a distant or theoretical risk. The targeting is happening now, and the consequences could be felt across the healthcare system.”<\/p>\n\n\n\n
“The potential compromise scope goes well beyond data theft. We\u2019re looking at the potential for unauthorised access to highly sensitive patient records, the disruption of crucial appointment systems, and even interference with critical medical devices that are vital for daily patient care.”<\/p>\n\n\n\n
The cyber intrusion was not a ransomware attack but involved the covert extraction of data through software vulnerabilities. The exploited software, Ivanti Endpoint Manager Mobile (EPMM), is used for managing employee mobile devices. Although the vulnerability was identified and a patch released on 15th May, systems that were previously compromised may still be at risk.<\/p>\n\n\n\n
Hackers reportedly used the flaw in Ivanti\u2019s software to gain access, explore, and execute programs on targeted systems. The data accessed included staff phone numbers, IMEI numbers, and technical information such as authentication tokens. This breach could potentially allow further access to patient records and network sections via remote code execution (RCE).<\/p>\n\n\n\n