BlackCat/ALPHV attacks Barts Health NHS Trust
Date:
June 30, 2023
Overview
Title
BlackCat/ALPHV attacks Barts Health NHS Trust
Victim
Barts Health NHS Trust
Attacker
ALPHV
Location
Size of Attack
Unknown/TBD
First Reported
June 30, 2023
Last Updated
October 31, 2022
The BlackCat/ALPHV ransomware gang has attacked Barts Health NHS Trust. Barts Health NHS Trust is one of the largest National Health Service (NHS) trusts in the United Kingdom. It operates several hospitals in London, providing healthcare services to a significant population in the capital city. The trust's name is derived from St Bartholomew's Hospital, which has a rich history dating back to 1123. Barts Health NHS Trust was established in 2012 through the merger of several hospitals and healthcare facilities, including St Bartholomew's Hospital, The Royal London Hospital, Whipps Cross University Hospital, Newham University Hospital, and Mile End Hospital. These hospitals collectively serve a diverse community and offer a wide range of medical services, including emergency care, specialized treatments, and general healthcare. BlackCat/ALPHV posted Barts Health NHS Trust to its data leak site on June 30th, claiming to have stolen 7TB of sensitive and confidential data. First observed in late 2021, BlackCat/ALPHV employs a well-developed RaaS platform that encrypts by way of an AES algorithm where the AES key is encrypted using an RSA public key.BlackCat/ALPHV has the ability to disable security tools and evade analysis and is thought to be the first ransomware group using RUST, a secure programming language that offers exceptional performance for concurrent processing. The ransomware also leverages Windows scripting to deploy the payload and to compromise additional hosts. The developers have also been linked to DarkSide/BlackMatter ransomware attacks and may simply be a rebranding of those campaigns.
This attack's description was not found, while we work on the detailed account of this attack we invite you to browse through other recent Rasomware Attacks in the table below.
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.