Synnovis has confirmed that data published last week is legitimate. 

After attackers were reported to have published around 400GB of patient names, dates of birth, NHS numbers and descriptions of blood tests last week, Synnovis - who was the initial victim of the attack - has confirmed that the data was stolen from Synnovis’ systems.

In a statement, the company said  it is too soon to be able to confirm the exact nature of the information and the organisations and individuals it relates to. However from a limited and initial review conducted over the weekend, it determined:

• There was no evidence that the Laboratory Information Management Systems (the software that supports laboratory operations) databases had been posted. These are the main systems holding the patient test requests and results. 

• The administrative working drive has been posted in partial and fragmented form. This will contain some fragments of patient identifiable data. 

• The area where we store payroll information has not been published, but more needs to be done to review other data that has been published relating to our employees. 

Current Priority

The company said understanding the administrative working drive is the current priority. “We and the technical experts who are supporting us are working as fast as we can to try to be able to confirm more details and appreciate that waiting will potentially cause people some concern. We will keep our service users, employees and partners updated as the investigation progresses.”

Patients denied a blood test because of the cyber attack on the NHS may have to wait up to six months to have their sample taken.

According to media reports, delays are now so long that some patients have decided to pay to have their blood taken and analysed by a private clinic rather than remain on the NHS waiting list.

An ICO spokesperson said it is continuing to make enquiries into this matter, “we recognise the sensitivity of some of the information in question and the worry this may have caused” and urged anyone concerned about how their data has been handled to check the ICO website for advice and support, as well as visiting NHS England's website.

Dan Raywood Senior Editor SC Media UK

Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.

He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.

Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.