Data from three NHS hospitals accessed in Liverpool cyberattack


Alder Hey NHS trust has revealed that an attack on its tech systems affected a platform used by two other facilities, with criminals having exfiltrated information from all three hospitals

Criminals gained “unlawful access” to systems and data from three NHS hospitals in Liverpool following a recent cyberattack.

Alder Hey Children’s NHS Foundation Trust announced last week that it was “aware that data has been published online and shared via social media that purports to have been obtained illegally” from the hospital – one of the largest children’s health facilities in the country.

In a newly published update, Alder Hey revealed that “a single cyberattack… has impacted three NHS organisations, [and] criminals gained unlawful access to data through a digital gateway service hosted by Alder Hey”.

As well as its host organisation, the gateway is also used by two other NHS hospital trusts in the city: the Liverpool Heart and Chest Hospital; and the Royal Liverpool University Hospital.

Having successful hacked the gateway, “criminals gained unlawful access to data” from all three facilities – although, in the case, of the Royal Liverpool, “only a small amount” is believed to have been exfiltrated. None of the information stolen or published is related to children or young people, Alder Hey currently believes.


Related content


“We have launched an investigation which is still ongoing to determine the full facts around what data has been obtained unlawfully,” said the hospital’s latest update, published yesterday. “Hospital services remain unaffected and continue to run normally. Patients are advised to continue to attend appointments. As part of our response to this threat we have made progress in securing impacted systems and ensuring the attackers do not have continued access. This means that we are in a position to begin to reconnect our systems when it is safe to do so.”

Alder Hey said that “we are continuing to take this issue very seriously” but warned the public that “the investigation into the data may take some time, and there is a possibility that the attacker may publish the data before our investigation is concluded”.

“As soon as we are able to update on the impact to people’s data, we will provide a further update,” it said. “Work is continuing with the National Crime Agency to secure impacted systems and to take further steps in line with law enforcement advice. We are also following guidance from the Information Commissioner’s Office and will ensure that anyone impacted by this data breach is contacted directly and supported.”

Anyone with concerns about the incident – and, in particular, any possible impact on sensitive data related to their children – is invited to call Alder Hey’s patient advice and liaison service unit team on 0151 252 5161. This telephone line is staffed on weekdays from 9am to 5pm.

Sam Trendall

Learn More →