London hospitals hackers publish stolen blood test data

“We understand that people may be concerned by this and we are continuing to work with Synnovis, the National Cyber Security Centre and other partners to determine the content of the published files as quickly as possible,” it said.

Synnovis, meanwhile, said: “We know how worrying this development may be for many people. We are taking it very seriously and an analysis of this data is already underway.”

The ransomware hackers infiltrated the computer systems of the company, which is used by two NHS trusts in London, and encrypted vital information making IT systems useless.

As is often the case with these gangs, they also downloaded as much private data as they could to further extort the company for a ransom payment in Bitcoin.

It is not known how much money the hackers demanded from Synnovis or if the company entered negotiations. But the fact Qilin has published some, potentially all, of the data means they did not pay.

Law enforcement agencies around the world regularly urge victims of ransomware not to pay as it fuels the criminal enterprise and does not guarantee that the criminals will do as they promise.

Ransomware expert Brett Callow, from Emsisoft, said healthcare organisations were increasingly being targeted as the hackers knew that they could cause a lot of harm and sometimes get a big pay day.

“Cybercriminals go where the money is and, unfortunately, the money is in attacking the healthcare sector. And since United Health Group reportedly paid a $22m (£17.3m) ransom earlier this year, the sector is more squarely in the crosshairs than ever before,” he said.

On Tuesday night, Qilin spoke to the BBC on an encrypted messaging service and said they had deliberately targeted Synnovis as a way to punish the UK for not helping enough in an unspecified war.

Mr Martin described that claim as “absolute garbage” and said their aims were “entirely financial.”

The gang, like many ransomware crews, is thought to be based in Russia, but told the BBC it could not be more specific about its political allegiance or geography “for security reasons”.

On their darknet site, they also have stolen data from other healthcare organisations, as well as schools, companies and councils from around the world.