Back at the beginning of June, the University of Manchester was the target of a cyber attack during which the threat actors stole approx. 7TB of data. I posted about this breach here.
Research data stolen
Recent news suggests that details pertaining to 1.1 million patients have been affected as the University confirms that a data set containing information about trauma victims from all across the UK was part of the information accessed by the threat actors.
NHS chiefs have been warned by the University that there is “potential for NHS data to be made available in the public domain” and the data set has since been closed.
Some patients will not know their data is recorded in the database which was launched in 2012, as they did not need to give consent to be recorded on it.
According to an investigation carried out by the university, analysis suggests around 250 gigabytes of its data was accessed.
The NHS has made no comment on the breach so far, and while the University of Manchester has not commented on the NHS data itself, it has said the investigations into the impact are ongoing and are continuing to work with relevant authorities and partners, including the Information Commissioner’s Office, the National Cyber Security Centre (NCSC), the National Crime Agency, and other regulatory bodies