The NHS is putting patients at risk by not properly protecting their data online, a study by cybersecurity specialists Hacker House has found.
The experts performed public searches and found misconfigured email servers, outdated software and security certificates as well as NHS trusts' emails and passwords. Their investigation also revealed that seven NHS trusts spent absolutely nothing on cybersecurity in 2015. A further 45 were unable to specify how much they spent on preventing and mitigating cyber attacks.
Alongside this, the report found that the number of personal data breaches experienced by NHS trusts is increasing. It was revealed that in 2014 there were 3,133 breaches, a figure which rose to 4,177 in 2015.
Jennifer Arcuri, co-founder of Hacker House, said: "I would have to say that the security across the board was weak for many factors. Out of date SSLs, out of date software, it was very clear that you could bypass any number of these trusts just by doing the right recon online.
"So if I was an adversary looking to get into any of these trusts or take advantage or change, manipulate or send communications on behalf of a doctor, I could, just because the information was already there."