- NHS tech supplier DXS International hit by ransomware; minimal impact on clinical services
- Unknown group DevMan claims responsibility, alleging theft of 300GB of company data
- NHS suppliers have faced ransomware before; 2022 breach led to £3.07M ICO fine
DXS International, a key technology supplier for the National Health Service (NHS) in England, has revealed it suffered a ransomware attack at the hands of an unknown threat actor.
The company filed a new report with the London Stock Exchange stating it had suffered a “security incident” affecting its office servers.
The attack was discovered on December 14 and has since been remedied. The company said it brought in third-party cybersecurity specialists to investigate and assess the damage and notified relevant authorities about the incident.
300GB of stolen files
“There was minimal impact on the company’s services and the company’s front-line clinical services remain unaffected and operational,” the report concludes.
DXS did not share key details – what the nature of the attack was, who did it, or if they stole any files in the process. However, TechCrunch says it found a rather unknown ransomware actor called DevMan assumed responsibility.
“In a post on its dark web site, which TechCrunch has seen, the hackers listed the company on December 14 and claimed to have stolen 300 gigabytes of data from the company,” the publication claims.
If the files have not yet been leaked to the dark web, that could mean that DevMan are trying to extort DXS for money.
This is not the first NHS supplier to be hit with ransomware. Back in 2022, Advanced Computer Group suffered the same fate, but with more tangible effects for the healthcare provider. The attack caused disruptions to critical services at the time, including NHS 111, and meant some healthcare staff were unable to access patient records. The stolen information included patient phone numbers, medical records, and most concerning, access details for the homes of 890 people receiving care at home.
In March 2025, the UK Information Commissioner’s Office (ICO) issued a fine of £3.07 million for the breach that exposed personal information of 79,404.
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
https://cdn.mos.cms.futurecdn.net/Fh3VbXWULVM5kiG48uTmkK-970-80.jpg
Source link
