Tech provider for NHS England confirms data breach | TechCrunch

Tech provider for NHS England confirms data breach | TechCrunch

Briefly

"DXS International, a U.K.-based company that provides healthcare tech for England's National Health Service (NHS), disclosed a cyberattack in a statement on Thursday. In a filing with the London Stock Exchange, the company said it experienced a "a security incident affecting its office servers," discovered on December 14. The company said it "immediately" contained the breach working together with the NHS, and hired a cybersecurity firm to investigate "the nature and extent of the incident.""

"At this point, the specific nature of the breach is not known, nor whether any patients' medical information was stolen. However, earlier this week, a ransomware group called DevMan took credit for the breach. In a post on its dark web site, which TechCrunch has seen, the hackers listed the company on December 14 and claimed to have stolen 300 gigabytes of data from the company."

""There was minimal impact on the company's services and the company's front-line clinical services remain unaffected and operational," read the filing. DXS said it also notified law enforcement and regulators, including the UK's data protection authority, the Information Commissioner's Office, or ICO, about the cyberattack. NHS England spokesperson Katie Baldwin told TechCrunch that the health service is "not aware of any patient services being impacted.""