Hammersmith Medical Research targeted by cybercriminal group, Maze

6 May 2020

On 14 March 2020, Hammersmith Medical Research (HMR) were targeted by cybercriminal group, Maze, resulting in a significant data breach.  The breach occurred when Maze stole personal data hosted on HMR’s network and began to encrypt their computers. Maze, published some of the stolen data between the period 21-23 March 2020 when HMR would not pay the demanded ransom. At the time,  HMR told Computer Weekly “we have no intention of paying.  I would rather go out of business than pay a ransom to these people.”

Following the data breach, HMR contacted all volunteers who had attended screening visits advising them that their network had been breached and some personal data had been stolen and published.

The stolen records belonged to volunteers with surnames beginning D, G, I or J but HMR also warn that although all other records were not published, the criminals might have stolen copies of them.

This breach included highly sensitive data, such as:

Name, date of birth, national insurance number, health questionnaires, test results (including in a few cases positive tests for HIV, Hepatitis and drugs use), ID documents (passport/driving licence/visa documents/photograph).

To date, HMR have not released how many people were affected by the data breach.  Their most recent update on 29 April 2020 states:

“we have obtained a detailed audit trail of the files copied by the criminals. The audit trail shows that our volunteer database was not accessed by the hackers. So, we can now confirm that, if you’ve never attended a screening visit for a clinical trial at HMR, your data weren’t stolen. If you have attended a screening visit, you can contact us to find out whether your details have been stolen – we don’t have electronic copies of identity documents, health information and bank details for everyone we’ve screened.”

If you have ever attended a screening visit with HMR or received an email from them, your data may have been compromised and you could be entitled to claim compensation.

If you have been affected by this breach, get in touch with our team.