UK pathology services Synnovis hacked by Qilin ransomwareistes, demand $50M, justify attack due to UK involvement in “wars”

Pathology services provider Synnovis ransomwared, services continue to be disrupted. The Bloomberg report states that the Russia-based ransomware group Qilin is demanding a $50 million payment, in exchange for a code to unlock affected computers and software, which is the usual M.O. The ‘or else’ is that the hackers will post online the patient data stolen in the attack, according to a ‘spokesman’ quoted by Bloomberg, using a messaging account associated with the Qilin gang. FTA:

  • “A representative for the hackers said that they were very sorry for the people who suffered, but refused to accept responsibility for the human cost.”
  • Qilin is no longer in contact with Synnovis since the ransom wasn’t paid within their 120-hour deadline
  • The vulnerability to gain access to the Synnovis computers/software was not disclosed, but is known as a “zero day”. This could not be independently verified by Bloomberg.

Synnovis partners in pathology services with two London-based hospital trusts, King’s College Hospital, Guy’s and St Thomas’, including the Royal Brompton and the Evelina London Children’s Hospital. GP services affected are in the boroughs of Bexley, Greenwich, Lewisham, Bromley, Southwark and Lambeth. The incident started on 3 June and was announced 4 June. This affected patient tests such as blood, bowel and various swabs that are routine and needed in EDs and surgeries, causing mass reschedulings and diversion of services. TTA 5 June

Procedures continue to be disrupted according to Synnovis’ own Monday update.“We have delivered temporary workarounds including the redirection of non-urgent blood tests and result processing to other pathology labs to allow us to focus on urgent samples received from GPs, to ensure there is sufficient capacity for urgent testing and to respond to the highest priority cases at St Thomas’ Hospital and King’s College Hospital. Changes to processing of testing and results are being communicated directly to GPs and other service users to ensure a smooth transition.” Their analyzers are back online. There is no timetable for full restoration of services.

Synnovis states that they are continuing to work with law enforcement and the UK Information Commissioner, as well as the National Cyber Security Centre (NCSC) and NHS England’s (NHSE) Cyber Operations Team. This story will be updated with further developments.

Categories: Latest News.