Hackers ‘compromised details’ of hundreds of staff
Around 200 foreign nationals working in the UK healthcare sector may have had personal details stolen and published online, according to seemingly authentic claims made on a hacking forum.
The Home Office has confirmed it is investigating allegations that its UK Visas and Immigration database was compromised.
In the post last week, a hacker purported to be selling personal details including passports, work permits, UK visas, and bank statements belonging to workers “in the healthcare industry”.
Additionally, the user claimed: “There is potential for ongoing access to the database as it appears to be periodically updated.”
Both the NHS and social care sectors have been highly reliant on migrant workers under health and care visas in recent years.
Police are now investigating the incident.
A Home Office spokesperson said: “We are aware of an incident affecting data held on a sponsor organisations system. While there is a live police investigation, it would be inappropriate to comment further.”
NHS Employers also declined to comment when asked by HSJ if it was aware of the claims and what reassurance was being given to NHS staff who may be affected. It wanted to make clear it has no role in investigating cyber attacks.
An industry source told HSJ the forum user claiming to be behind the attack appeared to be “financially motivated” and not working on behalf of a group or state. Previous attacks that the user has claimed responsibility for appear to be “indiscriminate”, and include Chinese and US private companies, the Venezuelan military and Brazil’s finance ministry.
In December, the user claimed to have been responsible for a hack on US-based health tech company Radin Health that saw the personal details of 80,000 patients compromised.
Story updated at 10:38 on 15 January with new information and updated statement from the Home Office. Previous information indicated that more than 170,000 people had their details compromised. It is now understood to be less than 200 people.
Also updated at 11.30am on 15 January to make clear NHS Employers has no role in investigating cyber attacks.