It’s been an all-too-common headline over the past decade. Now, two more National Health Service trusts in the U.K. have been impacted by cyberattacks, although there is no indication yet that patient data was accessed or patient services were affected. Emma Woollacott reports:
Two NHS trusts have suffered cyber attacks which exposed staff data, prompting fresh calls for more robust supply chain security practices.
University College London Hospitals (UCLH) NHS Foundation Trust and University Hospital Southampton NHS Foundation Trust were targeted in an attack which exploited a flaw in Ivanti Endpoint Manager Mobile (EPMM) – a tool used to manage employee mobile devices.
The flaw was discovered on May 15th, and has since been patched by Ivanti.
UCLH said it was investigating with the help of cybersecurity experts at NHS England, but said it had ‘no evidence’ that patient data was accessed.
Read more at ITPro. As Woollacott reports and according to reports from Sky News, analysts at security firm EclecticIQ have identified other victims, including agencies and businesses across Scandinavia, the UK, the US, Germany, Ireland, South Korea, and Japan.