NHS Data Breach: Healthcare Tech Firm DXS Hit by Ransomware Attack

A U.K. healthcare technology firm working with the National Health Service has been hacked. DXS International disclosed a major security incident this week. The company provides software to NHS doctors and primary care physicians.

The breach was discovered on December 14. According to the company, its office servers were compromised. DXS stated it contained the incident immediately with NHS support.

Ransomware Group Claims Theft of 300 Gigabytes of Data

A ransomware gang named DevMan has claimed responsibility. The group posted about the hack on its dark web site. TechCrunch viewed the post, which claims 300 gigabytes of data was stolen.

DXS filed a statement with the London Stock Exchange. It said front-line clinical services were unaffected. The company has hired a cybersecurity firm to investigate the full extent of the incident.

The impact on patient data remains unclear. DXS software can access patient records and information. The company says some solutions are hosted on NHS network systems.

Regulators Assess Impact as Investigation Continues

The broader consequences are still being analyzed. DXS has notified U.K. law enforcement and data regulators. The Information Commissioner’s Office is now assessing the provided details.

An NHS England spokesperson stated they are unaware of any impacted patient services. This incident highlights persistent cybersecurity risks within critical healthcare infrastructure. Past breaches have disrupted hospital operations and compromised sensitive records.

The investigation is ongoing. Authorities have not confirmed the ransomware group’s claims about the stolen data. Patients and practitioners are advised to remain vigilant for any unusual communications.

This evolving NHS data breach underscores the critical vulnerability of healthcare partners. The full impact on patient information may not be known for weeks as the forensic investigation proceeds.

Info at your fingertips