University College London Hospitals NHS Foundation Trust and University Hospital Southampton NHS Foundation Trust have had patient data stolen by hackers exploiting a critical vulnerability in mobile device management software.
Two prominent NHS trusts have been targeted in a sophisticated cyberattack that saw sensitive data stolen after hackers exploited a critical vulnerability in a widely used mobile device management software.
University College London Hospitals NHS Foundation Trust and University Hospital Southampton NHS Foundation Trust were both exposed through the exploit, which affected Ivanti Endpoint Manager Mobile (EPMM) – a software used by organisations to manage employee mobile devices.
The flaw, discovered on 15 May and since patched, allowed cybercriminals to access internal systems and potentially move laterally to more sensitive parts of the network.