A significant private provider of NHS services in Kent and Surrey has fallen victim to a cyber-attack, raising concerns over data security.

HCRG Care Group, previously known as Virgin Care, has launched an investigation following claims from a ransomware group that over two terabytes of sensitive data were compromised.

The BBC first became aware of IT issues last Thursday when staff reported difficulties accessing websites and certain patient records.

Investigation Underway

A spokesperson for HCRG Care Group confirmed the incident, stating, “Our team has not observed any suspicious activity since implementing immediate containment measures.”

They further acknowledged that a group had posted on the dark web claiming responsibility for the attack. “We are actively investigating this IT security incident with the help of external forensic specialists,” the spokesperson added.

The company has notified the Information Commissioner’s Office and relevant regulators about the breach.

Services Remain Operational

Despite the attack, HCRG Care Group assured patients that services remain operational. “Our facilities continue to see patients safely, and those with scheduled appointments should attend as usual,” the statement confirmed.

The provider, which delivers community healthcare services in Kent and Surrey, expressed regret over any inconvenience caused. It apologized to patients whose appointments had to be rescheduled due to the cyber-attack.