Russian ransomware group Qilin has leaked patient data stolen from Synnovis, a pathology services provider for the NHS.

The National Crime Agency and the National Cyber Security Centre are investigating the leak, which saw almost 400GB of private information published on the darknet.

The leaked data includes patient names, dates of birth, NHS numbers, and descriptions of blood tests, as reported by the BBC. The extent of the data breach and whether test results are included remains unclear.

Last week, Qilin released 104 files containing the stolen data. The breach has caused substantial impact, with nearly 1,600 operations and outpatient appointments cancelled at NHS foundation trusts.

The leak also included financial records between hospitals, GP services, and Synnovis.

Synnovis was hit by the ransomware attack earlier this month, creating disruptions at major London hositals.

The NHS has acknowledged the severity of the situation, stating that essential systems for running blood tests in south-east London have been affected. Despite this, urgent and emergency services are operating, albeit with potential delays for blood-related diagnostics.

The incident at Synnovis follows a series of cyber attacks on the health sector, including those on UnitedHealth-owned Change Healthcare and Ascension.

In response to the growing threat, the US Department of Health and Human Services’ Advanced Research Projects Agency for Health has initiated a programme to develop software that identifies and rectifies vulnerabilities in hospital digital systems.