#Privacy: Cyber criminals target UK medical research company


A UK medical research company, set to carry out COVID-19 vaccine trials, has been hit by a ransomware attack. 

On March 14, Hammersmith Medicines Research (HMR) was targeted by the Maze Ransomware group, which resulted in its computer systems being locked down. 

Reported by Computer Weekly, on March 21, the threat group started publishing historic sensitive medical and personal information relating to thousands of former patients online. 

The data, dating back 8 to 20 years, included medical questionnaires, driving licenses, copies of passports, and the national insurance numbers of more than 2,300 of the company’s patients. 

Managing and clinical director of HMR, Malcolm Boyce explained that the threat group had sent a ransom demand, alongside medical files as proof they had gained access to the company’s data. 

Boyce told Computer Weekly, that even if it had the funds to pay the random it wouldn’t: “We have no intention of paying. I would rather go out of business than pay a ransom to these people.”

Following the attack, Boyce said:  “We repelled [the attack] and quickly restored all our functions. There was no downtime.”

The attack comes days after Maze announced that it would stop all activity against all kinds of medical organisations during the current global pandemic.

Join our free-to-attend digital event, Last Thursday in Privacy, addressing data protection, privacy and security challenges including working from home, COVID-19, global regulations and more. Visit https://digital.privsec.info/.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.