NHS England tech provider reveals data breach - DXS International hit by ransomware

1. Pro
2. Security

NHS England tech provider reveals data breach - DXS International hit by ransomware News By Sead Fadilpašić published 22 December 2025

DXS International was hit by ransomware

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

(Image credit: Pixabay) Share Share by:

• Copy link
• Facebook
• X
• Whatsapp
• Reddit
• Pinterest
• Flipboard
• Threads

Share this article 0 Join the conversation Follow us Add us as a preferred source on Google

• NHS tech supplier DXS International hit by ransomware; minimal impact on clinical services
• Unknown group DevMan claims responsibility, alleging theft of 300GB of company data
• NHS suppliers have faced ransomware before; 2022 breach led to £3.07M ICO fine

DXS International, a key technology supplier for the National Health Service (NHS) in England, has revealed it suffered a ransomware attack at the hands of an unknown threat actor.

The company filed a new report with the London Stock Exchange stating it had suffered a “security incident” affecting its office servers.

The attack was discovered on December 14 and has since been remedied. The company said it brought in third-party cybersecurity specialists to investigate and assess the damage and notified relevant authorities about the incident.

You may like

• Patient and staff data impacted by Cl0p ransomware attack on Barts Health NHS
• Healthcare firm apparently hit by major cyberattack exposing over a million medical records - how to find out if you're affected
• Hackers leak medical reports after huge breach impacts 1.2 million patient records

300GB of stolen files

“There was minimal impact on the company's services and the company's front-line clinical services remain unaffected and operational,” the report concludes.

DXS did not share key details - what the nature of the attack was, who did it, or if they stole any files in the process. However, TechCrunch says it found a rather unknown ransomware actor called DevMan assumed responsibility.

“In a post on its dark web site, which TechCrunch has seen, the hackers listed the company on December 14 and claimed to have stolen 300 gigabytes of data from the company,” the publication claims.

If the files have not yet been leaked to the dark web, that could mean that DevMan are trying to extort DXS for money.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Contact me with news and offers from other Future brandsReceive email from us on behalf of our trusted partners or sponsorsBy submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

This is not the first NHS supplier to be hit with ransomware. Back in 2022, Advanced Computer Group suffered the same fate, but with more tangible effects for the healthcare provider. The attack caused disruptions to critical services at the time, including NHS 111, and meant some healthcare staff were unable to access patient records. The stolen information included patient phone numbers, medical records, and most concerning, access details for the homes of 890 people receiving care at home.

In March 2025, the UK Information Commissioner’s Office (ICO) issued a fine of £3.07 million for the breach that exposed personal information of 79,404.

The best antivirus for all budgetsOur top picks, based on real-world testing and comparisons

➡️ Read our full guide to the best antivirus1. Best overall:Bitdefender Total Security2. Best for families:Norton 360 with LifeLock3. Best for mobile:McAfee Mobile Security

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.

Sead FadilpašićSocial Links Navigation

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Show More Comments

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.

Logout Read more Patient and staff data impacted by Cl0p ransomware attack on Barts Health NHS    Healthcare firm apparently hit by major cyberattack exposing over a million medical records - how to find out if you're affected    Hackers leak medical reports after huge breach impacts 1.2 million patient records    Hackers claim to have hit third-part provider for Boeing, Samsung and more    Over 70 US banks and credit unions affected by Marquis ransomware breach - here's what we know    Emergency alert systems across US disrupted following OnSolve CodeRED cyberattack    Latest in Security HPE tells customers to patch OneView immediately as top-level security flaw spotted    Motherboards from Gigabyte, MSI, ASUS, ASRock at risk from new UEFI flaw attack - here's what we know    Trump’s new $900 billion Pentagon funding plan includes ‘enhanced cybersecurity protections’ for Cyber Command - here’s what we know    Amazon is reportedly being deluged with North Korean job applicants eager to break inside its walls    WatchGuard Firebox OS forced to patch worrying security flaw, so update now    Eurostar chatbot security flaws almost left customers exposed to possible security threats    Latest in News Large External SSDs are now cheaper than internal ones as 4TB SATA SSD face extinction due to negligible price difference    Mullvad VPN boosts WireGuard speeds and stability with new Rust-based engine    This gift-wrapping robot is quite funny, actually    Federal judge blocks Louisiana’s social media age verification law – here's why    'We put the most pressure on ourselves' — Tomb Raider studio head on remaking one of the most iconic games of all time    Watch out – RAM rip-offs are now in vogue, so here's how to avoid them    LATEST ARTICLES

1. 1Gemini 3 Flash is smart — but when it doesn’t know, it makes stuff up anyway
2. 2Watch out, Nvidia - Qualcomm acquires Alphawave Semi in latest addition to its AI data center push
3. 3TechRadar Gaming's favorite gaming devices of 2025: personal picks from all the year's gear
4. 4Large External SSDs are now cheaper than internal ones as 4TB SATA SSD face extinction due to negligible price difference
5. 5Arm sheds billions in market capitalization after Qualcomm hints at RISC-V adoption with Ventara Micro acquisition