Incident

Barts Health NHS Trust reports data breach caused by exploit of Oracle E-Business Suite flaw



Barts Health NHS Trust is reporting a data breach after the Cl0p ransomware group exploited a zero-day vulnerability tracked as CVE-2025-61882 in Oracle E-Business Suite software, part of a hacking campaign that affected many high-profile organizations worldwide, including Harvard University, The Washington Post, Envoy Air, GlobalLogic, Logitech, Dartmouth College, University of Pennsylvania, and University of Phoenix.

The attack compromised an invoice database containing patient billing information and staff records spanning several years. Barts Health operates five major hospitals across London, including St Bartholomew's Hospital, Royal London Hospital, Newham University Hospital, Mile End Hospital, and Whipps Cross University Hospital, serving more than 2.5 million people.

The compromised database contained files with the following types of exposed data:

  • Names and addresses of patients liable for treatment payments
  • Invoice records spanning multiple years
  • Former staff member information related to outstanding salary sacrifice schemes or overpayment reconciliation
  • Supplier payment and contact details
  • Accounting service records provided to Barking, Havering, and Redbridge University Hospitals NHS Trust since April 2024

The number of affected individuals is not disclosed.

The incident occurred in August 2025, but Barts Health remained unaware that trust data had been compromised until November, when Cl0p posted the stolen files on their dark web leak site. The organization is pursuing a High Court order to ban the publication, use, or sharing of the compromised data by anyone, which is a clear exercise in futility since criminals don't care about court orders. 

Barts Health has reported the incident to NHS England, the National Cyber Security Centre, the Metropolitan Police, and the Information Commissioner's Office. Affected patients who paid for treatment at Barts Health facilities are advised to review their treatment invoices to understand what personal information may be at risk and should be careful about unsolicited communications requesting payment or sensitive information. The trust has issued an apology and stated it is implementing additional security measures with suppliers to prevent similar incidents.
