
113 NHS Email Accounts Hacked

"We continue to monitor all 1.41 million NHSmail accounts for suspicious activity and evolving security threats"

By CBR Staff Writer

Some 113 NHS email accounts were compromised by phishing emails last month, the NHS has admitted.

The attack came amid a large-scale, ongoing phishing campaign across the UK targeting multiple sectors.

Due to the potential compromise of sensitive data like patient medical records, a breach of any kind on NHS end-points is of serious concern; all affected accounts have been isolated.

A spokesperson for NHS Digital played down the incident, saying: “There is currently no evidence to suggest that patient records have been accessed. We are working closely with the National Cyber Security Centre, who are investigating a widespread phishing campaign against a broad range of organisations across the UK.”


“This has affected a very small proportion of NHS email accounts.”

“We are investigating this issue and have taken the precaution of asking all mailboxes that have a similar configuration to the compromised accounts to change their passwords with immediate effect.”

(Any NHS security compromise inevitably conjures up memories of 2017’s devastating WannaCry attack. Experts say the NHS’s security has improved markedly since then, but soft spots remain.)


NHS Email Accounts Hacked

The sensitive data that the NHS has access to is of real value not just to hackers, but also to commercial or state actors.

To mitigate the risk to its patients and employees, the NHS has worked with the NCSC to implement new security guidelines across the NHS.

Using a range of security techniques, from reducing the organisation’s overall reliance on passwords to implementing multi-factor authentication and single sign-on systems, the NHS has witnessed a 94 percent decrease in phishing incidents within the last year.

The NCSC issued a warning in 2018 about a campaign that has continued to this day, with a sharp spike of attacks again noted in October 2019.

The agency said at the time: “The NCSC is aware that victim accounts have been compromised without a user actually entering any credentials. It is possible that the actor has used password spraying to gain access.

“Following compromise, the actors access the accounts remotely (via IMAP) to monitor the victim mailbox and observe the sent items. The account is then accessed a second time to disseminate this phishing email further (via SMTP), using the victim’s address book identified in the previous access.”
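
A detection sketch for the sequence the NCSC describes (password spraying, a first access over IMAP, then a second access that sends mail over SMTP), added here as an example and not taken from the NCSC or NHS Digital. The event tuple layout, thresholds and function names are assumptions, and the sample events are constructed.

```python
from collections import defaultdict

# Constructed sample events, not real logs:
# (epoch_seconds, source_ip, account, protocol, result, recipient_count)
EVENTS = [
    (1000, "203.0.113.7", "alice", "imap", "fail", 0),
    (1060, "203.0.113.7", "bob", "imap", "fail", 0),
    (1120, "203.0.113.7", "carol", "imap", "fail", 0),
    (1180, "203.0.113.7", "dave", "imap", "ok", 0),      # spray succeeds
    (1200, "198.51.100.4", "alice", "imap", "fail", 0),  # one user's typo
    (1210, "198.51.100.4", "alice", "imap", "ok", 0),
    (90000, "203.0.113.7", "dave", "smtp", "ok", 250),   # second access: mass mail
    (90500, "198.51.100.4", "alice", "smtp", "ok", 2),   # normal mail
]

def spray_sources(events, min_accounts=3, max_tries_per_account=2):
    """Source IPs that fail against many accounts with few tries on each."""
    fails = defaultdict(lambda: defaultdict(int))
    for _, ip, account, _, result, _ in events:
        if result == "fail":
            fails[ip][account] += 1
    return {ip for ip, per_acct in fails.items()
            if len(per_acct) >= min_accounts
            and max(per_acct.values()) <= max_tries_per_account}

def imap_then_bulk_smtp(events, min_recipients=50):
    """Accounts where a spray source logs in over IMAP and later sends bulk SMTP."""
    sprayers = spray_sources(events)
    imap_seen = {}  # (ip, account) -> time of first successful IMAP login
    hits = []
    for ts, ip, account, proto, result, rcpts in sorted(events):
        if ip not in sprayers or result != "ok":
            continue
        if proto == "imap":
            imap_seen.setdefault((ip, account), ts)
        elif proto == "smtp" and (ip, account) in imap_seen and rcpts >= min_recipients:
            hits.append((account, ip, imap_seen[(ip, account)], ts))
    return hits

if __name__ == "__main__":
    print("spray sources:", spray_sources(EVENTS))
    for account, ip, first_imap, smtp_ts in imap_then_bulk_smtp(EVENTS):
        print(f"{account}: IMAP from {ip} at {first_imap}, bulk SMTP at {smtp_ts}")
```

The per-account attempt ceiling is what separates spraying from a single-account brute force or a user mistyping a password, so it should be tuned against the lockout policy in use.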
