Quick Summary
The HCRG Care Group, a private service provider for the NHS, is currently investigating a suspected ransomware attack. The organization, formerly known as Virgin Care, provides child and family health and social services across the UK.
Key Details
- The HCRG Care Group is looking into claims from a cybercrime group that it has accessed sensitive information.
- A spokesperson confirmed the investigation of an IT security incident and noted a post on the dark web by a group claiming responsibility.
- Containment measures have been implemented, and no suspicious activity has been observed since.
- The organization is collaborating with external forensic specialists to further investigate the incident.
Operational Status
- HCRG Care Group reassured the public that its services continue to operate normally and that patients with appointments should still access care.
- The Information Commissioner and relevant regulators have been notified about the suspected attack.
Recent Developments
- In October 2024, the Bath and North East Somerset and Wiltshire SW Integrated Care Board awarded HCRG a £1.3 billion contract to provide adult community health services in the region.
- HCRG has been delivering community services since 2006 and employs over 1,300 NHS staff.
Context of Cybersecurity Threats
- In January 2025, it was reported that a ransomware attack on NHS pathology provider Synnovis resulted in severe patient harm, highlighting the risks associated with cybersecurity breaches in healthcare.