A report by The Independent claims NHS details of more than a million patients may have been compromised following the attack.

NHS details of more than a million patients may have been compromised in the recent cyberattack on the UK’s University of Manchester, senior health chiefs have been warned. That’s according to a report by The Independent, which claims to have received leaked evidence that the ransomware attack affected an NHS patient data set that holds information on 1.1 million patients across 200 hospitals. Among the details potentially exposed are NHS numbers and the first three letters of patients’ postcodes, the report stated.

On June 9, the University of Manchester revealed it had suffered a cyber incident in which systems were accessed by an unauthorised party. At the time, it said it was likely that data had been copied and that in-house and external experts were working to resolve the incident. It notified the relevant authorities including the Information Commissioner’s Office (ICO), the UK National Cyber Security Centre (NCSC), and the National Crime Agency (NCA).

The university has since confirmed that some of its systems have been accessed by a criminal entity with a small proportion of data copied that relates to some students and alumni. This includes names, contact details, gender, dates of birth, university ID numbers, and fee statuses, the university said.

However, the revelation that exposed information may also include NHS data could be of greater significance, with NHS chiefs apparently warned by the university that there is "potential for NHS data to be made available in the public domain," according to The Independent. Some patients will not know they are on the database, launched in 2012, as they did not need to give consent to be recorded on it, the report claimed.

University of Manchester removes off-campus VPN access following attack

In the wake of the incident, the University of Manchester has temporarily removed access to its GlobalProtect VPN service off campus as a precaution. It is not expected to be made available again before August 2023, it said. Meanwhile, some IT services remain affected, resulting in delays to application and admission processes, the university wrote. It has told students and employees to continue working as normal unless advised otherwise but urged users to follow security guidance including resetting passwords, reporting suspicious activity, avoiding the creation of extra backups, and updating software.

Exposure of NHS, medical data can be catastrophic

"The theft of personally identifiable data is concerning, especially when it includes sensitive medical information," Jake Moore, global cybersecurity advisor at ESET, tells CSO. Ransomware attacks now often involve the release of data, rendering backups insufficient in defending against these attacks, he adds.

"Once threat actors obtain critical sensitive data, they can demand any ransom they choose. Unfortunately, the norm is increasingly the release of data, which is catastrophic when the NHS is the unfortunate victim, as patients now need to be more vigilant to scams. This also damages trust between the NHS and their patients, which is what the health service is built upon," Moore says.

Education sector a prime target for cyberattacks

The education sector is a prime target for cyberattacks globally. In January, it was revealed that more than a dozen schools in the UK suffered a cyberattack which led to highly confidential documents being leaked online by cybercriminals. Meanwhile, notorious cybercrime groups such as Vice Society have targeted US colleges and universities in recent ransomware campaigns.
Israel's Technion University suffered a ransomware attack by a new group calling itself DarkBit which forced it to proactively block all communication networks. A New South Wales Audit Office report revealed the financial losses of Australian universities following cyberattacks suffered in 2022.