Hackers are poised to release a substantial amount of NHS Scotland data

A ransomware collective known as INC Ransom has issued a threat to release a massive stash of pilfered data subsequent to a cyber assault on a Scottish health board. Earlier this month, NHS Dumfries and Galloway stated that hackers may have obtained “a notable volume” of patient and personnel details.

Identified as INC Ransom, the group has declared its intention to disclose three terabytes of data unless their requirements are fulfilled. The hackers have already unveiled what they term a “proof pack,” containing confidential details of a limited number of patients. The documents released so far include names and addresses, and personal medical details.

Above Image – INC Ransom’s dark web blog post.

NHS Dumfries and Galloway verified that a “limited number of patients’ clinical data” had been released by a known ransomware faction.

In an official statement, the health board revealed that hackers managed to infiltrate a substantial volume of data, encompassing identifiable information of both patients and staff.

Jeff Ace, the chief executive of the health board, assured that patient services were operating “normally and efficiently” despite the recent IT system breach.

As part of their response strategy, Jeff Ace mentioned that the health board intends to reach out to affected patients whose data has been compromised.

Labour’s South Scotland MSP Colin Smyth has described the threats to release the stolen NHS data as “deeply concerning for NHS staff and patients”.

INC Ransom emerged in July 2023, employing tactics that involve encrypting and pilfering the data of its targets. Subsequently, it issues threats to publicly disclose the data unless the victim submits payment.