The medical data of approximately half a million volunteers who contributed to the UK’s Biobank health database has been stolen and advertised for sale online, the government has confirmed.
Technology minister Ian Murray told the Commons on Thursday that the charity had informed the government the data had been “advertised for sale by several sellers on Alibaba’s ecommerce platforms in China.” The listings have since been taken down, and the government said it had spoken directly to the vendor, who indicated they did not believe any purchases had been made from the three listings before their removal.
Murray sought to provide some reassurance about the scope of the breach, telling MPs that the compromised data “did not contain participants’ names, addresses, contact details or telephone numbers.”
UK Biobank is a major health research resource that holds in-depth genetic and health information contributed voluntarily by hundreds of thousands of people across the country. The breach raises significant concerns about the security of sensitive medical data held by research institutions and the growing threat of state-linked or commercially motivated cybercrime targeting health information.
The investigation is ongoing.
