DXS International, a UK-based tech supplier of England’s National Health Service (NHS) has confirmed it was hit by a cyber-attack.
In a filing to the London Stock Exchange on December 18, DXS International said the incident was discovered on December 14 and affected its office servers.
However, the attack caused “minimal impact on the company’s services and […] front-line clinical services remain unaffected and operational,” according to the DXS filing.
Furthermore, the company does not anticipate that the incident will have an adverse financial impact at this time.
DXS International provides NHS-approved clinical support solutions for clinicians and patients and is an official partner of NHS England.
Read more on attacks against NHS suppliers: “Endemic” Ransomware Prompts NHS to Demand Supplier Action on Cybersecurity
Threat Actor Devman Claims Data Theft
When discovering the breach, DXS said it “immediately contained it” and started an investigation in collaboration with NHS England and “an external cyber security specialist agency.”
The company also confirmed it notified the relevant authorities, including the Information Commissioner’s Office (ICO) and various NHS bodies.
A threat actor known as Devman listed DXS on their data leak site on December 14. They claimed to have stolen 300GB of data from the company and threatened to release it on 20 December.
The claim has not been confirmed by DXS or the NHS.
Image credit: chrisdorney / Shutterstock
