UK pathology services Synnovis hacked by Qilin ransomwareistes, demand $50M, justify attack due to UK involvement in “wars”

June 19, 2024 | by

Pathology services provider Synnovis ransomwared, services continue to be disrupted. The Bloomberg report states that the Russia-based ransomware group Qilin is demanding a $50 million payment, in exchange for a code to unlock affected computers and software, which is the usual M.O. The ‘or else’ is that the hackers will post online the patient data stolen in the attack, according to a ‘spokesman’ quoted by Bloomberg, using a messaging account associated with the Qilin gang. FTA:

  • “A representative for the hackers said that they were very sorry for the people who suffered, but refused to accept responsibility for the human cost.”
  • Qilin is no longer in contact with Synnovis since the ransom wasn’t paid within their 120-hour deadline
  • The vulnerability to gain access to the Synnovis computers/software was not disclosed, but is known as a “zero day”. This could not be independently verified by Bloomberg.

Synnovis partners in pathology services with two London-based hospital trusts, King’s College Hospital, Guy’s and St Thomas’, including the Royal Brompton and the Evelina London Children’s Hospital. GP services affected are in the boroughs of Bexley, Greenwich, Lewisham, Bromley, Southwark and Lambeth. The incident started on 3 June and was announced 4 June. This affected patient tests such as blood, bowel and various swabs that are routine and needed in EDs and surgeries, causing mass reschedulings and diversion of services. TTA 5 June

Procedures continue to be disrupted according to Synnovis’ own Monday update.“We have delivered temporary workarounds including the redirection of non-urgent blood tests and result processing to other pathology labs to allow us to focus on urgent samples received from GPs, to ensure there is sufficient capacity for urgent testing and to respond to the highest priority cases at St Thomas’ Hospital and King’s College Hospital. Changes to processing of testing and results are being communicated directly to GPs and other service users to ensure a smooth transition.” Their analyzers are back online. There is no timetable for full restoration of services.

Synnovis states that they are continuing to work with law enforcement and the UK Information Commissioner, as well as the National Cyber Security Centre (NCSC) and NHS England’s (NHSE) Cyber Operations Team. This story will be updated with further developments.

Breaking: multiple London hospitals, borough GPs declare ‘critical incident’ from ransomware attack via third party pathology vendor

June 5, 2024 | by

Breaking News. A group of London hospitals, plus GP services across several boroughs, have been affected by a third-party ransomware attack and have declared a critical incident. The vendor, Synnovis, is a provider of pathology services in a partnership between two London-based hospital trusts and SYNLAB UK & Ireland. The attack started on Monday 3 June. Synnovis reported in its statement yesterday that it affected all its IT systems and interrupted many Synnovis pathology systems. Synnovis “was the victim of a ransomware cyberattack”, according to chief executive Mark Dollar. Affected patient tests via Synnovis include blood, bowel and various swabs.

The hospitals affected are King’s College Hospital, Guy’s and St Thomas’, including the Royal Brompton and the Evelina London Children’s Hospital. These hospital trusts are partners in Synnovis with SYNLAB UK & Ireland, Europe’s largest provider of testing services. GP services affected are in the boroughs of Bexley, Greenwich, Lewisham, Bromley, Southwark and Lambeth. The critical incident has affected primary care and delayed operations on patients plus blood transfusions, with reported diversions of emergency patients, though reports are varying on the last.

According to the Synnovis statement, the incident has been reported to law enforcement and the Information Commissioner, and they are working with the National Cyber Security Centre and the Cyber Operations Team. There is no information yet available attributing a ransomware organization.  Infosecurity-magazine.com, Sky News, BBC News

This is a developing story

Apps and wearables – developments over the summer

August 26, 2015 | by

Trying at least temporarily to distract this editor’s attention from his recent unfortunate experience with Jawbone technology, here are some interesting app and wearables snippets received over the summer.

We begin with news of the first CE certified mole checking app, SkinVision which rates moles using a simple traffic light system (using a red, orange or green risk rating). The app lets users store photos in multiple folders so they can track different moles over time. It aims to detect changing moles (color, size, symmetry etc.) that are a clear sign that something is wrong and that the person should visit a doctor immediately.

This contrasts with the findings of a paper published in June examining 46 insulin calculator apps, 45 of which were found to contain material problems, resulting in the conclusion that :”The majority of insulin dose calculator apps provide no protection against, and may actively contribute to, incorrect or inappropriate dose recommendations that put current users at risk of both catastrophic overdose and more subtle harms resulting from suboptimal glucose control.”, which to say the least of matters is worrying. (more…)