Barts Health NHS Trust has disclosed a significant data breach affecting patient and staff information after the Cl0p ransomware gang exploited a critical vulnerability in Oracle E-Business Suite software.
The criminal syndicate stole files from an invoice database. It published them on the dark web, compromising the personal data of individuals who received treatment or services at Barts Health hospitals over several years.
The breach resulted from a zero-day vulnerability in Oracle E-Business Suite, software designed to automate essential business processes.
This security flaw affected organizations worldwide before Oracle issued a patch.
The stolen files primarily contain names and addresses of patients liable for treatment payments, though the trust emphasizes that electronic patient records and clinical systems remain unaffected.
Scope of the Breach
The compromised database includes invoice-related information spanning multiple years.
Affected individuals include paying patients who received private treatment at Barts Health facilities and former staff members who left employment with outstanding debts related to salary sacrifice schemes or overpayments.
Nearly half of the exposed files contain supplier information already available in the public domain.
Additionally, the database contained records of the accounting services Barts Health provided to Barking, Havering, and Redbridge University Hospitals NHS Trust since April 2024.
Both organizations are collaborating to minimize harm to those affected by the incident.
The data theft occurred in August, but Barts Health remained unaware of the compromise until November, when Cl0p posted the stolen files on the dark web.
The trust is pursuing a High Court order prohibiting any party from publishing, using, or sharing the compromised data.
Currently, the stolen information remains confined to encrypted dark web platforms and has not appeared on the general internet.
However, security experts warn that criminals could exploit the exposed data through social engineering tactics, tricking victims into revealing sensitive information or making fraudulent payments.
Barts Health is working closely with NHS England, the National Cyber Security Centre, the Metropolitan Police, and the Information Commissioner’s Office.
The trust has reported the breach to all relevant regulatory authorities and assures the public that core IT infrastructure security remains intact.
Affected individuals seeking information about compromised data should review invoices received after treatment.
The trust recommends contacting their data protection officer with concerns and visiting Stop! Think Fraud resources for guidance on protecting personal information from scams.
Barts Health has apologized for the incident and pledged to implement additional safeguards with suppliers to prevent future occurrences.
Follow us on Google News, LinkedIn, and X to Get Instant Updates and Set GBH as a Preferred Source in Google.