A ransomware gang has reportedly published 400 gigabytes of data stolen from Synnovis, a UK-based provider of medical testing services.

The U.K.’s healthcare system, the National Health Service, said today that law enforcement agencies are working to verify the data. “The National Crime Agency and National Cyber Security Centre are working to verify the data included in the files published by the criminals,” the NHS detailed in a statement. “These files are not simple uploads and so investigations of this nature are highly complex and can take weeks if not longer to complete.”

Synnovis is a joint venture between the NHS and Synlab AG, a Munich-based provider of medical testing services. It processes blood tests for four London hospitals. A ransomware attack on June 3 saw a hacker group download data from the company’s network and disrupt some of its internal systems.

The hacker group, which is known as Qilin, on Thursday leaked about 400 gigabytes of data it stole in the breach. A subset of the records analyzed by the BBC was found to contain patients’ names, dates of birth, NHS numbers and descriptions of blood tests. Additionally, the leaked data trove reportedly includes spreadsheets with information about transactions between hospitals, general practitioner and Synnovis.

The NHS stated that there is no indication the hackers gained access to its email system. “However, we would remind you that you will not receive unexpected contact from the NHS asking for personal or financial information,” it cautioned.

Besides stealing data, the hackers also disrupted some of Synnovis’ clinical operations. On June 14, 11 days after the breach, the NHS stated that about 1,500 elective surgeries and outpatient appointments had to be delayed because of the breach. On Thursday, officials detailed that this number more than doubled to about 3,300.

“Unprocessed samples were made safe by Synnovis and stored in their labs,” the NHS detailed today. “However, due to the time that has now lapsed, some of these samples are no longer suitable for analysis and will need to be discarded. Synnovis is working with the NHS Trusts and GP practices to determine which samples are affected and the process for informing patients.”

The NHS has set up a helpline to answer patients’ questions about the breach. It also launched a webpage that will display updates on what information was compromised in the breach.

The Synnovis breach represents the latest in a series of high-profile cyberattacks against healthcare organizations.

Last month, U.S. health system Ascension disclosed that a cyberattack had disrupted some of its clinical operations. Earlier, hackers leaked data stolen from a unit of UnitedHealth Group Inc., the largest health insurer in the U.S. The latter breach temporarily left many doctors unable to process medical claims or fill prescriptions. 

Photo: Raxpixel