Post Content Read More
Related Posts
Hackers Published Sensitive Data Stolen From London Hospitals
Hackers Published Sensitive Data Stolen From London Hospitals
A cyber-attack on London hospitals resulted in the publication of sensitive data stolen from Synnovis, a National Health Service (NHS) pathology provider.
The attack, which occurred on June 3, has been attributed to the Russian-speaking hacker group Qilin. The group has released over 380GB of data on its Telegram channel, claiming it includes patient information and financial records.
The hackers infiltrated Synnovis’s IT systems, encrypting files and demanding a $50 million ransom to restore access.
Synnovis, a partnership between Synlab UK & Ireland and two NHS trusts—Guy’s and St Thomas’ NHS Foundation Trust and King’s College Hospital NHS Foundation Trust—provides critical lab testing services to hospitals and primary care services in London and Kent.
Free Webinar on API vulnerability scanning for OWASP API Top 10 vulnerabilities -> Book Your Spot
The attack has severely impacted blood transfusion and testing capabilities, leading to the postponement of over 1,000 operations and more than 2,000 appointments.
Published Data
The data published by the hackers reportedly includes patient names, dates of birth, NHS numbers, and descriptions of blood tests. Financial spreadsheets were also among the leaked information.
The NHS has not yet confirmed the specifics of the published data, and it remains unclear if the information includes test results. Law enforcement agencies are currently investigating the attack.
In a statement to BBC, the NHS acknowledged the publication of the data and expressed concern over the potential impact on patients.
“We understand that people may be concerned by this, and we are continuing to work with Synnovis, the National Cyber Security Centre, and other partners to determine the content of the published files as quickly as possible,” the NHS said.
The organization is working to ascertain whether the data was extracted from Synnovis’s systems and whether it pertains to NHS patients.
The cyber-attack has caused significant disruptions to healthcare services in London. Seven hospitals run by the two affected NHS trusts experienced major service interruptions, including canceling or relocating elective operations.
Between June 3 and June 9, 832 surgical procedures were postponed, including cancer surgeries and organ transplants.
The affected hospitals include Guy’s, St Thomas’, King’s College, the Evelina Children’s Hospital, Royal Brompton, Harefield specialist heart and lung hospitals, and the Princess Royal Hospital in Orpington.
Ongoing Investigation
The NHS, in collaboration with the National Cyber Security Centre and other partners, is conducting a thorough investigation to determine the full extent of the data breach and its implications.
Publishing the stolen data is seen as a tactic to pressure Synnovis to pay the ransom. The NHS has assured the public that it will continue to provide updates as more information becomes available.
The cyber-attack on Synnovis and the subsequent publication of sensitive data highlights the growing threat of ransomware attacks on critical healthcare infrastructure.
The incident underscores the need for robust cybersecurity measures to protect patient data and ensure the continuity of essential healthcare services.
Free Webinar! 3 Security Trends to Maximize MSP Growth -> Register For Free
The post Hackers Published Sensitive Data Stolen From London Hospitals appeared first on Cyber Security News.
Bohemia and Cannabia Dark Web Markets Taken Down After Joint Police Operation
Bohemia and Cannabia Dark Web Markets Taken Down After Joint Police Operation
The Dutch police have announced the takedown of Bohemia and Cannabia, which has been described as the world’s largest and longest-running dark web market for illegal goods, drugs, and cybercrime services.
The takedown is the result of a collaborative investigation with Ireland, the United Kingdom, and the United States that began towards the end of 2022, the Politie said.
The marketplace Read More
EmailGPT Vulnerability Let Attackers Access Sensitive Data
EmailGPT Vulnerability Let Attackers Access Sensitive Data
A new prompt injection vulnerability has been discovered in the EmailGPT service. This API service and Google Chrome plugin help users write emails in Gmail using OpenAI’s GPT model.
The prompt injection vulnerability arises when an attacker manipulates a large language model (LLM) using manipulated inputs, allowing the LLM to execute the attacker’s intentions deliberately.
With a CVSS base score of 6.5, this vulnerability—CVE-2024-5184—indicates a medium severity level.
Analyze any MaliciousURL, Files & Emails & Configuration With ANY RUN : Start your Analysis
“Exploitation of this vulnerability would lead to intellectual property leakage, denial-of-service, and direct financial loss through an attacker making repeated requests to the AI provider’s API which are pay-per-use”, Synopsys Cybersecurity Research Center (CyRC) shared with Cyber Security News.
Prompt Injection in EmailGPT Service
A large language model (LLM) is vulnerable to prompt injection when an attacker manipulates it with specially constructed inputs, leading the LLM to carry out the attacker’s plans unintentionally.
This can be accomplished either directly—by “jailbreaking” the system prompt—or indirectly—by manipulating external inputs, which could result in social engineering, data exfiltration, and other issues.
Researchers identified a prompt injection vulnerability in the EmailGPT service.
A malicious user can inject a direct prompt and take control of the service logic since the service uses an API.
Attackers can take advantage of this vulnerability by forcing the AI service to execute unwanted prompts or leak the usual hard-coded system prompts.
When a malicious prompt is submitted to EmailGPT, the system will react by giving the request for harmful information.
Anyone with access to the service can take advantage of this vulnerability.
The main EmailGPT software branch is impacted. Repeatedly requesting unapproved APIs poses serious threats, such as theft of intellectual property, denial-of-service attacks, and financial damage.
Recommendation
To reduce any possible threats, CyRC therefore recommended users remove EmailGPT applications from their networks right away.
Looking for Full Data Breach Protection? Try Cynet’s All-in-One Cybersecurity Platform for MSPs: Try Free Demo
The post EmailGPT Vulnerability Let Attackers Access Sensitive Data appeared first on Cyber Security News.