Over 100 NHS Accounts Compromised By Phishing Attack

113 NHSmail mailboxes were hacked at the beginning of the month, sending malicious emails to external recipients, according to a spokesperson from NHS Digital. The NCSC has confirmed that this activity is part of a widespread credential-harvesting phishing campaign that is targeting a broad range of organisations across the UK, and are working with the NHS to mitigate against cyber-attacks. There is currently no evidence to suggest that patient records were accessed, but with the NHS managing a huge range of sensitive information, the implications of this attack could be incredibly serious.

Experts Comments

June 16, 2020
Jake Moore
Cybersecurity Specialist
ESET
NHS Digital have done a tremendous amount to protect their network since WannaCry but, like any organisation, there’s never just one hole to plug: it is a continuous battle of improvement for the security team. Two factor authentication is clearly a difficulty for the NHS due to the number of multiple users using multiple devices. 2FA can be a simple answer to combat many phishing campaigns, but when it can’t be implemented due to the structure of the organisation, failures will remain in .....Read More
NHS Digital have done a tremendous amount to protect their network since WannaCry but, like any organisation, there’s never just one hole to plug: it is a continuous battle of improvement for the security team. Two factor authentication is clearly a difficulty for the NHS due to the number of multiple users using multiple devices. 2FA can be a simple answer to combat many phishing campaigns, but when it can’t be implemented due to the structure of the organisation, failures will remain in place and attacks will slip through the net. The NHS’s journey to full protection is a long road, with many different security layers required to make the best out of how they operate.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.