Thousands of patient records taken in cyber attack
Stuart Woodward/BBCOne of the largest hospital trusts in England has confirmed thousands of patient test results were stolen in a cyber attack in 2024.
Mid and South Essex NHS Foundation Trust (MSE), which runs Broomfield hospital in Chelmsford as well as Basildon and Southend hospitals, said the breach involved 2,380 records.
The data was taken from the computer drives of a third‑party testing provider, Synnovis, that analysed blood, urine and tissue samples.
The trust, which was notified about the breach in December, said it would be contacting those affected.
The trust is one of an undisclosed number of NHS organisations whose confidential patient data was involved in the data breach.
Last week, Bedfordshire Hospitals NHS Foundation Trust revealed almost 33,000 of its patients had their data stolen in the same hack.
According to Synnovis, the data was published on the dark web.
It said there was no evidence the data had been used maliciously and it was stolen "in haste and in a random manner".
Chief executive Mark Dollar said it was offering "our full support" to the organisations affected.
It is about two years since the breach in June 2024, when it was confirmed a number of London hospitals, which relied heavily on the provider for testing and IT systems, had been affected.
A Russia-based cyber-criminal group called Qilin has previously admitted responsibility for the attack.
A lengthy review of the stolen data followed and Synnovis said it had notified all affected NHS trusts.
It said individual trusts were responsible for informing patients if their data had been taken.
It warned that the stolen information could include people's names, dates of birth, patient numbers, NHS numbers, postcodes and test results.
Although the data did not relate to systems run by MSE, the trust said at a recent board meeting it had brought in cyber security experts to strengthen its own systems.
Dawn Scrafield, deputy chief executive for MSE, said the records affected related to a mixture of specialist diagnostic tests.
"Some data is not directly linked to patients, so we are still waiting for confirmation on exact numbers," she said.
"Once we have established who those patients are, we will be in contact with any who have been affected."
Do you have a story suggestion for Essex? Contact us below.
Follow Essex news on BBC Sounds, Facebook, Instagram and X.