View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

113 NHS Email Accounts Hacked

"We continue to monitor all 1.41 million NHSmail accounts for suspicious activity and evolving security threats"

By CBR Staff Writer

Some 113 NHS email accounts were compromised by phishing emails last month, the NHS has admitted.

The attack came amid a large-scale, ongoing phishing campaign across the UK targeting multiple sectors.

Due to the potential compromise of sensitive data like patient medical records, a breach of any kind on NHS end-points is of serious concern; all affected accounts have been isolated.

A spokesperson for NHS Digital played down the incident, saying: “There is currently no evidence to suggest that patient records have been accessed. We are working closely with the National Cyber Security Centre, who are investigating a widespread phishing campaign against a broad range of organisations across the UK.”

See also: Just 1 of the NHS’s 200+ Trusts Has a Clean Security Scorecard

“This has affected a very small proportion of NHS email accounts.”

“We are investigating this issue and have taken the precaution of asking all mailboxes that have a similar configuration to the compromised accounts to change their passwords with immediate effect.”

(Any NHS security compromise inevitably conjures up memories of 2017’s devastating WannaCry attack. Experts say the NHS’s  security has improved markedly since then, but soft spots remain).

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

NHS Email Accounts Hacked

The sensitive data that the NHS has access to is of real value not just to hackers, but also to commercial or state actors.

To mitigate the risk to its patients and employees the NHS has worked with the NCSC to implement new security guidelines across the NHS.

Using a range of security techniques, such as reducing the organisation’s overall reliance on passwords, to implementing multi-factor authentication and single sign-on systems, the NHS has witnessed a 94 percent decrease in phishing incidents within the last year.

The NCSC issued a warning in 2018 about a campaign that has continued to this day, with a sharp spike of attacks again noted in October 2019.

The agency said at the time: “The NCSC is aware that victim accounts have been compromised without a user actually entering any credentials. It is possible that the actor has used password spraying to gain access.

“Following compromise, the actors access the accounts remotely (via IMAP) to monitor the victim mailbox and observe the sent items. The account is then accessed a second time to disseminate this phishing email further (via SMTP), using the victim’s address book identified in the previous access.”

See Also: BBC Reveals Plans for £12 Million Digital Overhaul, Spanning DBs, Websites, Data Science


Topics in this article : , , ,
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.