In May 2024, NHS Professionals, a private entity providing temporary staff to the NHS, experienced a data breach wherein cybercriminals stole its Active Directory database. The intrusion was facilitated through a compromised Citrix account. Investigations led by Deloitte revealed that the attackers escalated privileges, moved laterally across the network, and attempted to deploy malware. The incident was detected on May 15, but the organization never disclosed it. This breach exposes serious vulnerabilities in healthcare data security and highlights the risks associated with third-party access.
"The attack was detected on May 15, 2024, and Deloitte... stated the attackers broke in using a compromised Citrix account."
"Deloitte's report indicated that the criminals then started deploying malware binaries, including Cobalt Strike beacons..."
Collection
[
|
...
]