In early December 2025, Barts Health NHS Trust, one of the UK’s largest healthcare providers, disclosed a significant data breach. The Cl0p ransomware group exploited a zero-day vulnerability in Oracle’s E-Business Suite, known as CVE-2025-61882, to infiltrate the Trust’s systems. This flaw allowed the attackers to access and exfiltrate sensitive data from a database containing invoices and related records. (bartshealth.nhs.uk)
The compromised data included full names and addresses of patients who had paid for treatments or services at Barts Health hospitals over several years. Additionally, information on former employees with outstanding salary sacrifice agreements or overpayments, as well as supplier details, were exposed. Notably, the breach also affected accounting records for Barking, Havering, and Redbridge University Hospitals NHS Trust, for which Barts Health provides services. (bartshealth.nhs.uk)
Explore the data solution with built-in protection against ransomware TrueNAS.
The Trust became aware of the breach in November 2025 when the stolen files appeared on Cl0p’s dark web leak site. The initial compromise occurred in August 2025, but the data remained undetected until its public release months later. In response, Barts Health obtained a High Court order to prevent the publication, use, or sharing of the compromised data. (bartshealth.nhs.uk)
While the breach did not affect electronic patient records or clinical systems, the exposed information poses risks of social engineering, phishing, and fraud. Criminals could use the data to craft convincing scams targeting individuals. The Trust has reported the incident to NHS England, the National Cyber Security Centre, the Metropolitan Police, and the Information Commissioner’s Office, and is collaborating with these entities to investigate and mitigate the impact. (bartshealth.nhs.uk)
This incident underscores the growing threat of ransomware attacks targeting healthcare organizations. The Cl0p group has previously exploited similar vulnerabilities in enterprise software to steal sensitive data from various institutions worldwide. The Barts Health breach highlights the critical need for robust cybersecurity measures and timely patching of known vulnerabilities to protect sensitive information. (securityaffairs.com)
For individuals affected by the breach, it’s advisable to monitor financial statements and be cautious of unsolicited communications requesting personal or financial information. Staying vigilant can help mitigate potential risks associated with such data exposures.
Be the first to comment