Hackers claim responsibility for NHS provider attack

A major private provider of NHS services in Kent and Surrey has been hit by a cyber-attack.

HCRG Care Group, formerly Virgin Care, said it was investigating claims by a ransomware group that more than two terabytes of sensitive information had been breached.

The BBC was first told of IT issues at the group last Thursday, when staff said they were having problems accessing websites and some patient information.

A spokesperson said: "Our team has not observed any suspicious activity since the implementation of immediate containment measures."

"We are investigating an IT security incident and have recently identified a post on the dark web by a group claiming responsibility.

"We are working with external forensic specialists to investigate the incident."

The group said it had informed the Information Commissioner and regulators.

"Our services are continuing to operate and safely see patients, and those with appointments or who need to access our services should continue to do so," the group added.

HCRG provides community services for the NHS in Kent and Surrey.

The group apologised to patients whose appointments were rescheduled last week due to the cyber-attack.