Two companies involved in the construction of emergency hospitals for the coronavirus outbreak in the UK have been targeted by cyber criminals, following similar attacks on other health organisations and hospitals in recent months.
Bam Construct, which built North Yorkshire’s temporary coronavirus hospital in the Harrogate Convention Centre, and Interserve, an outsourcing company which helped construct Birmingham's NHS Nightingale hospital, both reported being the victim of cyber attacks over the past week.
Cyber criminals attacked Interserve last weekend and managed to steal personal details belonging to up to 100,000, according to The Telegraph. A source from within the company had told the publication that hackers managed to break into a human resources database which potentially “included sensitive data such as employee names, addresses, bank details, payroll information, next of kin details, HR records, dates of absences and pension information”.
In a statement on its website, Interserve announced that it “is working closely with the National Cyber Security Centre (NCSC) and Strategic Incident Response teams to investigate, contain and remedy the situation”.
“This will take some time and some operational services may be affected. Interserve has informed the Information Commissioner (ICO) of the incident,” the company said, adding that it will “provide further updates when appropriate”.
Bam Construct issued a statement in which it said that the construction company had reported a similar attack to authorities and is “taking the opportunity to learn from it to make any necessary changes to our systems for the future”.
“We have stood up extremely well to a significant cyber-attack on our business, which forms part of the wave of attacks on public and private organisations supporting the national effort on Covid-19. Our IT teams have closed access to a number of systems, including our website, as a precaution and we have alternative arrangements in place when necessary to ensure business continuity,” it said.
Five essentials of a secure modern workplace
The CIO's guide to unleashing productivity whilst minimising risk
The company added that despite the attack, “it is (...) pretty much business as usual”, with supplier and employee payments continuing to be made.
The news of the cyber attacks comes days after the NSCS reported that a recent rise in cyber crime has been fuelled by an uptick in activity from state-backed hacking groups targeting critical organisations like healthcare bodies and pharmaceutical companies.
