December Edition


A monthly newsletter summarising the latest data protection news at the end of each month. This may include data breaches, cybersecurity incidents, reprimands, and enforcement notices, as well as any new guidelines and best practices issued.


Alder Hey Children's Hospital Cyber Attack

The hospital has confirmed that criminals gained unlawful access to data through a digital gateway service hosted by Alder Hey, which it shares with Liverpool Heart and Chest Hospital.


The INC Ransom group stated it had published screenshots of data on the dark web that contained patients' personal information, donations from benefactors and procurement information. Alder Hey has stated:

We are continuing to take this issue very seriously while investigations continue into whether the attacker has obtained confidential data. The investigation into the data may take some time, and there is a possibility that the attacker may publish the data before our investigation is concluded.

Investigations are ongoing, and according to the latest update from the hospital (here), they are securing the impacted systems. The hospital is also in contact with the ICO and GCHQ.

According to the Guardian, last year, victims of ransomware attacks paid out £866m to assailants (their source was cryptocurrency firm Chainalysis). Read the article here.

A patient's mental breakdown captured and shared via WhatsApp

A staff member at the Becklin Centre, Leeds, filmed Julie Trafford while she was being admitted, then shared the recording via WhatsApp to a group consisting of NHS workers and members of the public, without her knowledge.



Julie was made aware of the footage by a member of management when she was discharged in October 2023. She told the BBC that she felt

dirty, angry, and confused after finding out that one of her moments of crisis was recorded and shared.

She went on to ask

Why would someone do that? Especially the NHS employees. It is totally out of order.

The Care Quality Commission has since made recommendations to the Leeds and York Partnership NHS Foundation Trust, to which they are obliged to respond within a month. Since the BBC article, Julie Trafford's MP, Richard Burgon, has written to the trust for more information about their investigation. The ICO has also indicated that they are assessing the incident.

Read the BBC story here.

Starbucks, Sainsbury's and Morrisons impacted by Blue Yonder Hack

Blue Yonder, which specialises in demand forecasting and replenishment, automated ordering, and warehouse and transportation software, was affected by a ransomware attack in November, which impacted its private cloud.

According to the Wall Street Journal, the attack prevented Starbucks from paying its baristas and managing their schedules. Cafe managers had to revert to manually calculating their employees' pay using their scheduled shifts, leaving a greater margin for error, as the hours actually worked may not have matched the schedule! According to The Grocer, Sainsbury's and Morrisons were also impacted, with Morrisons using a backup system to manage its warehouses.

Ransomware group Termite has claimed responsibility and stated it has 680 GB of Blue Yonder data. According to TechRepublic:

The group exfiltrates sensitive data while encrypting files, adding a signature ‘.termite’ extension, and threatens to leak stolen information if the ransom isn’t paid.

You'll be able to read the full TechRepublic article here.


GCHQ Christmas Challenge 2024

GCHQ's Chief Puzzler has created and released the 2024 Christmas challenge, comprised of seven tests. Below is a quick video describing how to complete the challenge.

#GCHQchristmaschallenge


Useful Resources

Below are some resources I've identified this month which you may find useful.


  1. The Data Protection Network has published an updated version of its Legitimate Interests Guidance and Assessment document; you can download it here.
  2. The Future of Privacy Forum has published an infographic on the EU AI Act - Governance Architecture and Implementation Framework; you can download it here.
  3. The International Association of Privacy Professionals (IAPP) has published its Global AI Law and Policy tracker; you can download it here.



That's all for this month! Let me know what you think.

Kellie

