Cl0p ransomware stole Barts Health's patient and staff invoice data, trust confirms


Barts Health NHS Trust has confirmed that the Cl0p ransomware gang has stolen files from a database containing invoice data, affecting patients, staff, and suppliers.

According to Barts Health, Cl0p accessed some files from a database containing invoices and posted them on the dark web. These invoices included patient details, such as names and addresses of those liable to pay for treatment or services at a Barts Health hospital over several years.

“Paying patients wishing to know what personal information is at risk are advised to check the invoices they received after treatment,” Barts Health explains.

Additionally, former employees were affected, specifically those who left the trust with outstanding salary sacrifice or overpayment.

Suppliers of goods or services also appeared among the victims, being listed in almost half of the potentially compromised files.

Finally, the list of victims includes Barking, Havering, and Redbridge University Hospitals NHS Trust in relation to the accounting services provided by Barts Health since April 2024. Barts Health is working with the trust to minimize the harm.

Barts Health has given assurances that its internal systems remain secure and that electronic patient records were not affected.

The notification relates to the breach in which the Cl0p ransomware gang exploited a zero-day vulnerability in Oracle E-Business Suite software, impacting dozens of companies, many of which were left unaware of the zero-day for months. Although the theft occurred in August, Barts Health only discovered its data compromise in November, when files appeared on the dark web.

“To date no information has been published on the general internet, and the risk is limited to those able to access compressed files on the encrypted dark web,” the trust says.

Although those details cannot be used by criminals to access your accounts, they can be utilized for scam purposes, with threat actors attempting to convince you to provide more information or make payments.

The trust is now taking legal action to ban the publication, use, or sharing of this data.

“We are very sorry that this has happened and are taking steps with our suppliers to ensure that it could not happen again,” Barts Health said.