Barts Health NHS Confirms Cl0p Ransomware Behind Data Breach

Barts Health NHS Trust has confirmed that the Russian-speaking Cl0p ransomware group stole files from one of its invoice databases after exploiting a vulnerability in Oracle E-Business Suite. The breach exposed data linked to payments for treatment and services, with some records going back several years.

Now, according to Barts’ press release, the stolen material includes names and addresses of patients who were billed for care, records of former staff with unresolved salary issues, and payment details for suppliers. Most supplier information is already public. Clinical systems and patient records were not affected.

The breach occurred in August but went undetected until November, when the files surfaced on the Cl0p ransomware’s dark web leak site. Oracle has since patched the exploited flaw. Barts has reported the incident to NHS England, the National Cyber Security Centre, the Metropolitan Police, and data regulators. It is also seeking a High Court order to block the circulation of the stolen data.

These cases share common traits. Attackers look for security vulnerabilities in widely used enterprise systems. Once inside, they move toward administrative data that can be sold or used for pressure campaigns. Even when clinical systems stay intact, the fallout strains staff who have to rebuild trust and manage fraud risks for those affected.

To read the complete article see: HackRead