Barts Health NHS Trust reports personal data breach
05/12/2025 | Barts Health NHS Trust
A statement from Barts Health NHS Trust confirms that a criminal group known as Cl0p stole personal information of patients and staff and posted it on the dark web after exploiting a software vulnerability in the Oracle E-business Suite. The stolen files include names, addresses, and invoices of patients and staff who paid for services, alongside accounting files relating to Barking, Havering and Redbridge University Hospitals NHS Trust.
The statement also confirmed that Barts is taking legal action to block the publication of the stolen files: "We are taking urgent action and seeking a High Court order to ban the publication, use or sharing of this data by anyone."
A LinkedIn post by Jon Baines highlights that the Trust has secured an injunction against “persons unknown”.
Training Announcement: Freevacy offers a range of independent data protection qualifications from IAPP and BCS. Our certified courses are available at foundation and practitioner levels and cover multiple legal jurisdictions, data protection operations management, and the implementation of complex privacy solutions in technical environments. Find out more.
What is this page?
You are reading a summary article on the Privacy Newsfeed, a free resource for DPOs and other professionals with privacy or data protection responsibilities helping them stay informed of industry news all in one place. The information here is a brief snippet relating to a single piece of original content or several articles about a common topic or thread. The main contributor is listed in the top left-hand corner, just beneath the article title.
The Privacy Newsfeed monitors over 300 global publications, of which more than 6,250 summary articles have been posted to the online archive dating back to the beginning of 2020. A weekly roundup is available by email every Friday.