Ethical Hacking News
A major UK healthcare provider has disclosed a massive data breach after being hacked by Clop ransomware actors. The breach exposed sensitive patient information and highlights the importance of robust cybersecurity measures in protecting against zero-day exploits.
Barts Health NHS Trust suffered a massive data breach after being hacked by Clop ransomware actors. The breach exposed sensitive information about patients who paid for treatment or other services at the hospital, including personal and financial details. The hackers exploited a vulnerability in Oracle E-business Suite software to steal invoices with sensitive information. Over 74 US banks and credit unions were affected by a separate Marquis data breach, exposing customer information. The Clop ransomware gang has been exploiting a critical Oracle EBS flaw since early August, impacting multiple organizations worldwide. Barts Health NHS Trust's core IT infrastructure remains secure, but patients are advised to check their invoices for exposed data. The incident highlights the vulnerability of healthcare organizations to cyber attacks and the importance of robust cybersecurity measures.
Barts Health NHS Trust, a major healthcare provider in England, has announced that it has suffered a massive data breach after being hacked by Clop ransomware actors. The breach, which occurred in August but was not discovered until November, exposed sensitive information about patients who paid for treatment or other services at the hospital.
According to Barts Health NHS Trust, the hackers exploited a vulnerability in its Oracle E-business Suite software, which allowed them to steal invoices spanning several years that contained personal and financial information about individuals who paid for treatment or other services. The stolen data also included information about former employees who owed money to the trust and suppliers whose data was already public.
The hacked database also included files concerning accounting services provided by Barts Health NHS Trust since April 2024 to Barking, Havering, and Redbridge University Hospitals NHS Trust. In total, over 74 US banks and credit unions were affected by a separate Marquis data breach, which exposed sensitive information about customers who used the company's financial products.
The Clop ransomware gang, which has been exploiting a critical Oracle EBS flaw tracked as CVE-2025-61882 since early August, stole private information from a large number of organizations worldwide. Victims that have confirmed impact from Cl0p ransomware's campaign include Envoy Air, Harvard University, GlobalLogic, Washington Post, Logitech, Dartmouth College, the University of Pennsylvania, and the University of Phoenix.
Barts Health NHS Trust has stated that its core IT infrastructure remains secure, and patients who paid for treatment at the hospital are recommended to check their invoices to determine what data was exposed. The trust has also informed the National Cyber Security Centre, the Metropolitan Police, and the Information Commissioner's Office (ICO) about the data theft incident.
The healthcare organization assured that Clop's attack did not impact its electronic patient record and clinical systems, but it is still assessing the extent of the breach and how to mitigate any potential damage. The hospital operator stated that it is in the process of getting a High Court order to ban the publication, use, or sharing of the exposed data by anyone.
The incident highlights the vulnerability of healthcare organizations to cyber attacks and the importance of robust cybersecurity measures to protect sensitive patient information. As the number of healthcare organizations increasing and the amount of personal data being stored grows, so does the potential for cyber breaches.
In a statement, Barts Health NHS Trust acknowledged that the breach was not discovered until November, which suggests that the hackers may have been hiding in plain sight for several months. The trust emphasized its commitment to protecting patient data and ensuring that its systems are secure.
The incident also highlights the importance of regular cybersecurity audits and updates to prevent zero-day exploits like the one that Clop ransomware gang used. Oracle has issued a patch for the CVE-2025-61882 vulnerability, but it is unclear whether Barts Health NHS Trust had applied the update before the breach occurred.
The Marquis data breach, which affected over 74 US banks and credit unions, also highlights the importance of robust cybersecurity measures to protect sensitive financial information. The incident has raised concerns about the potential for identity theft and other forms of cybercrime.
In conclusion, Barts Health NHS Trust's disclosure of a massive data breach after an Oracle zero-day hack serves as a stark reminder of the importance of robust cybersecurity measures in protecting sensitive patient information. As the healthcare industry continues to grow, so does the potential for cyber breaches, and it is essential that organizations take proactive steps to prevent such incidents.
Related Information:
https://www.ethicalhackingnews.com/articles/Barts-Health-NHS-Discloses-Massive-Data-Breach-After-Oracle-Zero-Day-Hack-ehn.shtml
https://www.bleepingcomputer.com/news/security/barts-health-nhs-discloses-data-breach-after-oracle-zero-day-hack/
https://www.bartshealth.nhs.uk/news/cl0p-cyberattack-update-18178
https://www.sentinelone.com/anthology/clop/
https://en.wikipedia.org/wiki/Clop_(hacker_group)
Published: Fri Dec 5 13:04:30 2025 by llama3.2 3B Q4_K_M
