NHS Tech Provider DXS International Confirms Data Breach Claimed by DevMan Ransomware Group
Published
Key Takeaways
- Breach confirmation: DXS International, a technology provider for NHS England, confirmed a security incident affecting its office servers, discovered on December 14.
- Ransomware claims: The DevMan ransomware group has claimed responsibility, alleging the theft of 300 GB of data from the company's systems.
- Operational Impact: The breach was contained, and DXS states there was minimal impact on services.
DXS International, a U.K.-based healthcare technology provider serving the National Health Service (NHS), has officially disclosed a cybersecurity incident affecting its office servers. This incident highlights the growing vulnerability of third-party vendors within NHS England's critical infrastructure, as it has been hit by breaches before.
DXS International Filing
In a regulatory filing with the London Stock Exchange, the company revealed that it detected a DXS International data breach on December 14. NHS England is “not aware of any patient services being impacted,” NHS spokesperson Katie Baldwin has told TechCrunch.
DXS software is used by primary care physicians to reduce costs and interacts with patient records, but does not appear to store patient medical data.
DevMan Ransomware Group Claims Responsibility
While DXS International has not publicly attributed the attack to a specific actor, TechCrunch reported a ransomware gang known as DevMan has taken credit for the intrusion. On their dark web leak site, the group listed DXS as a victim and claimed to have exfiltrated approximately 300 gigabytes of sensitive data.
At this stage, it remains unverified whether this stolen dataset includes patient medical records or strictly corporate data.
Company Response and Investigation
DXS International’s filing said that the company’s frontline clinical services remain operational and unaffected, that it has notified relevant regulatory bodies, including the Information Commissioner’s Office (ICO), and that it is cooperating with law enforcement.
The DevMan ransomware group claimed an Elematec Corporation breach and a Feel Four breach with Qilin this year.
In August 2024, NHS vendor Advanced was slapped with a £6 million fine for poor cybersecurity related to the 2022 LockBit attack, while a major NHS Professionals security breach that was never published revealed concerning vulnerabilities this year.
Related
Get expert insights on threats, breaches, scams, and security trends — delivered every Saturday.
Most Popular
Get expert insights on threats, breaches, scams, and security trends — delivered every Saturday.
Most Popular