Two NHS trusts, UCLH and University Hospital Southampton, faced cyber attacks exploiting an Ivanti Endpoint Manager Mobile flaw. Although staff data was compromised, UCLH confirmed patient data remained secure. Investigations are underway with NHS England’s cybersecurity experts. The attacks, traced back to a China-based IP, exposed vulnerabilities within NHS vendor security, echoing previous incidents affecting NHS services. The incident raised alarms over security management, as the NHS continues facing cyber threats that disrupt operations and patient care.
The breach reportedly stemmed from a recently discovered exploit in third-party software. This is a stark reminder of the risks posed by inadequate vendor security management.
UCLH stated that their system compromised contained data about staff mobile devices, like mobile numbers and IMEI codes, but did not contain passwords or patient data.
Collection
[
|
...
]