Cyber attack on US company hits more NHS staff

  • 1 March 2017
Cyber attack on US company hits more NHS staff
The Royal Bournemouth and Christchurch Hospitals NHS Foundation Trust will implement CareCentric as its EPR

A cyber attack on a US company could have compromised the privacy of staff throughout the NHS, with a Dorset hospital the latest confirmed victim.

The Bournemouth Echo reported on Wednesday that staff at Royal Bournemouth Hospital were told their confidential information could have been compromised in a hack on the US-based company Landauer in October last year.

The first affected customers in the UK were not informed until January.

Landauer provides ionising radiation monitoring services and is used by many NHS trusts and health boards. The company holds personal information including names, radiation doses, dates of birth and national insurance numbers for NHS staff.

Digital Health News first reported on the Landauer attack last month, when the Scottish Government confirmed nine health board had been caught up in the attack.

Now it appears NHS staff in England have also been affected by the attack, although how many trusts used Landauer has yet to be confirmed. So far, there have been no reports of patient data been affected.

The Royal Bournemouth and Christchurch Hospitals NHS Foundation Trust told the Echo that it had reported the breach to NHS Digital but NHS staff across the country were affected.

In a statement provided to Digital Health News, a Government spokesperson said NHS Digital was working with affected organisation to handle with the “external breach”.

“This government takes digital security extremely seriously.”

The spokesman said there was growing cyber threat across the UK and support was available through the newly established National Cyber Security Centre.

NHS staff that have been affected by the “unlawful access” of their “limited personal details” have been offered free identity theft support for 12 months.

Cyber attacks have become a growing concern in the NHS,  particularly since the high-profile ransomware attack at Northern Lincolnshire and Goole NHS Foundation Trust.

That attack virtually shut down the hospital for four days in October, last year, and led to the cancellation of thousands of patient appointments.

Many trusts have been reviewing their cyber resilience in the past six months as several recent reports suggest the over-reliance on obsolete technology in the NHS makes the system vulnerable.

Subscribe to our newsletter

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Sign up

Related News

NHS England to adopt new cyber security framework

NHS England to adopt new cyber security framework

The National Data Guardian and NHS England have announced a new cyber resilience framework for health and social care organisations.
Kootenai Health cyber attack impacts 464,000 patients

Kootenai Health cyber attack impacts 464,000 patients

US healthcare provider Kootenai Health has revealed that data belonging to 464,000 patients has been compromised following a cyber attack.
Advanced fined £6m over stolen patient data in 2022 cyber attack

Advanced fined £6m over stolen patient data in 2022 cyber attack

The Information Commissioner’s Office has imposed a £6.09m fine on Advanced for failing to protect personal information during a cyber attack.