UK health service warned of poor security by hacker group

Lulz Security says it meant no harm but that it has compromised some NHS administrator passwords

The U.K. National Health Service (NHS) said Friday that no patient data was compromised after an intrusion of one of its websites by Lulz Security, a hacker group that has recently stung organizations including a U.S. public broadcasting network and Sony.

Lulz Security apparently obtained administrative passwords for a website for a local NHS organization, according to a spokeswoman. The NHS did not reveal the name of the organization.

The NHS said that the Department of Health has previously issued security guidance to local NHS organizations on how to protect their data, and that none of its information systems had been affected by this latest incident.

Lulz, which frequently writes of its exploits on Twitter, wrote on Thursday that it had warned the NHS of the compromise by e-mail, and posted an image of the message.

"We're a somewhat known band of pirate-ninjas that go by LulzSec," the group wrote on Twitter. "While you aren't considered an enemy -- your work is of course brilliant -- we did stumble upon several of your admin passwords, which are as follows. We mean you no harm and only want to help you fix your tech issues."

The administrative passwords were blacked out in the image. On its Twitter feed, Lulz had earlier written: "Subdomain NHS access compromised 5 core admins and contact info of several affiliates. Luckily they stored nothing of importance on that DB."

Lulz Security has claimed a string of successful hacks in the past few weeks. It released what it claimed were user IDs and passwords for a MySQL database belonging to PBS.org, the U.S. public broadcasting network.

Lulz also said it was responsible for hacking Fox.com and releasing user names and passwords for Fox employees. Additionally, Lulz said it hit the SonyPictures.com website with a simple SQL injection attack, which yielded data such as e-mail addresses, street addresses, birthdates and passwords for some 1 million users of the site.

Send news tips and comments to jeremy_kirk@idg.com

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags intrusionU.K. National Health Servicesecuritydata breachLulz Securitydata protection

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jeremy Kirk

IDG News Service
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?