UK's largest police forensics lab Eurofins pays ransom to hackers

Hackers
Ransomware attacks work by hackers taking control of a computer system and locking it until a victim pays a ransom  Credit: KACPER PEMPEL/Reuters

The UK's largest private forensic company, which works on tens of thousands of criminal cases each year, was forced to pay a ransom to hackers last month after its systems were brought down by a cyber attack. 

Eurofins Scientific, whose services are used by police across the UK, said at the time of the attack that its staff had taken "immediate steps to mitigate the impact" of the ransomware that had been detected on its systems.

In ransomware attacks, hackers inject a virus into computer systems preventing users from accessing their files until a payment has been made.

On Friday, sources suggested that the "immediate steps" had included Eurofins paying the ransom, confirming an earlier BBC News report.

It is unclear how much money was paid or when, but it is likely to have taken place at some point between June 10 and June 24. 

It is not the first time major UK systems have been brought down by ransomware attacks, and other high-profile cases include the attack on the NHS in 2017, which caused 19,000 appointments to be cancelled. 

Police have already suspended all submissions to Eurofins in an attempt to limit the fallout from the cyber-attack.

It normally carries out a range of testing, such as toxicology analysis, computer forensics and firearms testing, and deals with more than 70,000 criminal cases every year, accounting for around half of the UK market for forensic science.

This has caused a number of court hearings to be delayed, while submissions are being handled by other suppliers. Evidence already held by the company is also not being released until the police can be sure of its safety, with the Crown Prosecution Service saying it would "seek to adjourn cases for the shortest possible period". 

James Vaughan, who heads up forensics for The National Police Chiefs Council, had said the police's priority was to "minimise the impact on the criminal justice system". 

"We have put our national contingency plans in place, which will see urgent submissions and priority work diverted to alternative suppliers to be dealt with as quickly as possible," he said.

Eurofins has become a major supplier to UK police forces in the wake of the Government's Forensic Science Service closing in 2012, when operations were transferred to the private sector. It has seven labs across the country including in Oxfordshire and Leeds. 

The National Crime Agency is heading up the investigation into the attack, in cooperation with the NPCC and the National Cyber Security Centre.

The NCA declined to comment on whether Eurofins had paid the ransom on Friday, saying it was a "matter for the victim" to speak about.

Rob Jones, who works as the director of threat leadership at the NCA said it was currently "securing evidence and forensically analysing infected computers".

"Due to the quantity of data involved and the complexity, this is an investigation which will take time, therefore we cannot comment further," he said.

Eurofins did not respond to requests for comment.

License this content