University College London Hospitals (UCLH) NHS Foundation Trust and University Hospital Southampton NHS Foundation Trust have been hit by cyber attacks that compromised staff information. The breach stemmed from a vulnerability in Ivanti Endpoint Manager Mobile (EPMM)—a tool used to manage employee mobile devices. Ivanti patched the flaw on May 15, shortly after its discovery.

UCLH, with assistance from NHS England cybersecurity experts, confirmed no evidence of patient data exposure. The compromised system reportedly contained details like mobile numbers and IMEI codes, but no passwords or clinical records.

Sky News, which broke the story, cited security analysts at EclecticIQ, who uncovered additional global victims spanning the UK, Scandinavia, the US, Germany, Ireland, South Korea, and Japan. The attacks originated from a China-based IP address, though official attribution remains unclear.

This incident adds to a growing list of NHS-related breaches. In June 2024, a ransomware attack on Synnovis, a blood testing provider, disrupted thousands of procedures across London hospitals. Just months earlier, in November, Wirral University Teaching Hospital Trust also faced a major cybersecurity event.

Cybersecurity experts, including Dray Agha from Huntress, stressed the urgent need for stronger vendor risk management. “This breach, linked to third-party software, underscores the importance of securing the entire healthcare supply chain,” Agha noted. He emphasized the need for constant patching, vendor coordination, and rapid response strategies.

In response to escalating threats, the NHS recently introduced a cybersecurity charter that sets stricter requirements for suppliers. These include using multi-factor authentication, maintaining immutable backups, applying timely patches, and 24/7 threat monitoring—steps aimed at reinforcing digital resilience across all NHS-connected vendors.

Stay ahead of emerging cybersecurity threats. For the latest insights and updates on cloud security, follow SOC News.

News Source: ITPro.com