Reports suggest the INC group, which is known for targeting healthcare organisations, has posted 11 screenshots on the dark web showing a sample of patient data illegally from systems shared by Alder Hey and Liverpool Heart and Chest Hospital NHS Foundation Trust.
The data includes names, addresses and medical reports, as well as donation details and other financial documents. The data, which is believed to span from 2018 to 2024, has been published online and shared via social media.
The trust said in a statement: ‘We are working with partners to verify the data that has been published and to understand the potential impact.
‘We are taking this issue very seriously and are working with the National Crime Agency as well as partner organisations to secure our systems and to take further steps in line with law enforcement advice as well as our statutory duties relating to patient data.'
The incident is not linked to the ongoing incident at Wirral University Teaching Hospitals.
