Europe Россия Внешние малые острова США Китай Объединённые Арабские Эмираты Корея Индия

Hackers who targeted the private hospital that treated Kate Middleton are threatening to release the Royal Family's private medical information

11 months ago 70
  • GCHQ and police investigating hacking gang Rhysida named after centipede

By Kevin O'sullivan

Published: 22:31 GMT, 2 December 2023 | Updated: 22:41 GMT, 2 December 2023

Hackers who targeted the private hospital which treated Kate, Princess of Wales, are threatening to release private medical information belonging to members of the Royal Family.

The gang broke into the computer systems of the King Edward VII's Hospital and warned they aim to release 'data from the Royal Family' on Tuesday unless they are paid £300,000 in the cyber currency Bitcoin.

The ransom demand was made on the dark web, where the hackers posted images of what they claim are stolen files including X-rays, letters from consultants, registration forms, handwritten clinical notes, and pathology forms.

Prince William departs the King Edward VII hospital with his wife Catherine, Duchess of Cambridge

The Princess of Wales was admitted to the King Edward VII's Hospital in 2012 with prolonged bouts of acute morning sickness during her first pregnancy. Pictured, Kate attends the Royal Variety Performance 2023 at the Royal Albert Hall

The gang said: 'Unique files are presented to your attention! Data from the Royal Family! A large amount of patient and employee data. Sale in one lot!!'

GCHQ and police are investigating the attack by hacking gang Rhysida – named after a venomous tropical centipede.

The 56-bed private hospital in Marylebone has been used by the Royal Family for more than a century. The late Queen Elizabeth II was a patient and so was Prince Philip who spent almost a month being treated there before he died aged 99 in 2021.

The Princess of Wales was admitted there in 2012 with prolonged bouts of acute morning sickness during her first pregnancy. 

During her stay, two Australian radio DJs placed a hoax call and obtained private medical information about Kate – then the Duchess of Cambridge – which they then broadcast, forcing hospital bosses into an embarrassing apology. 

The nurse who unwittingly took the call later committed suicide over the prank.

Last night, Philip Ingram, former British military intelligence colonel, said: 'Given the highly sensitive nature of the patients, there will be a degree of pressure on the hospital to try to stop any of this data being released. 

And therefore I would expect them to explore the possibility of paying the ransom.

'The difficulty is that the attack has already happened, and many of those high-profile clients will be taking risk mitigations themselves. To that extent the damage has been done.'

The 56-bed private hospital in Marylebone has been used by the Royal Family for more than a century. Pictured, police officers outside King Edward VII's Hospital, London

Col Ingram said even if the hospital decided to pay the ransom, there was no guarantee the data would be returned. 

He warned it could be copied and sold on to other underworld cybercrime gangs. 'This will be a national effort with the National Cyber Security Centre (NCSC) and GCHQ involved,' he said.

A spokesman for the NCSC, the computer crime arm of GCHQ, confirmed: 'We are engaging with King Edward VII's Hospital to understand the impact.'

A hospital spokesman said: 'We recently experienced an IT security incident. 

'We took immediate steps to mitigate its impact and continued to offer patient care, largely as normal. 

'We also launched an investigation, which confirmed a small amount of data was copied. 

'While this was primarily benign hospital systems data, a limited amount of patient information was copied. We offer our apologies.'

Buckingham Palace did not return requests to comment.

Read Entire Article