Barts Health NHS Trust reported a data breach involving the Cl0p ransomware group, which exploited a vulnerability in Oracle E-Business Suite. The hackers stole files from an invoice database, exposing sensitive information related to patient billing, unresolved salary records for former staff, and supplier payment details. Some of the compromised records date back several years, though clinical systems and actual patient records were not affected. The breach, which occurred in August and was detected in November when files appeared on the dark web, has raised alarms given its implications for patient privacy and potential fraud. The stolen data includes names and addresses of patients billed for care, along with some supplier details that were already public. Barts Health has advised patients to review their invoices to determine if their information was involved. In response to the breach, the trust has reported the incident to NHS England, the National Cyber Security Centre, and law enforcement, and is seeking a court order to halt the distribution of the stolen data. This incident is part of a troubling trend of ransomware attacks targeting UK health services. The Qilin group recently released patient records after compromising an NHS supplier, linking one incident to a patient’s death due to treatment delays. Other attacks have targeted NHS bodies in Scotland, where terabytes of patient data were claimed to be taken. Attackers typically look for vulnerabilities in widely used systems, and even when clinical data remains secure, the fallout can strain trust and create fraud risks. Barts Health is directing affected individuals to resources like Stop Think Fraud for guidance.