Skip to main content

Forensic Service Provider: Cyber Incident

Volume 662: debated on Tuesday 25 June 2019

On 3 June, Brussels-based scientific testing company Eurofins Scientific reported that it had been victim to a global ransomware attack. In the UK, its subsidiary Eurofins Forensic Services (EFS), which is a significant private sector forensic testing provider was affected.

Ministers have been briefed on the situation by operational leads and a range of actions have been taken to mitigate the impact on our criminal justice system and the public.

The National Crime Agency (NCA) has taken the operational command of the criminal investigation in the UK, with the National Cyber Security Centre (NCSC) leading our cyber response. Both the NCSC and NCA have deployed specialist officers to Brussels to assist Eurofins in the international investigation. These experts continue to work closely with both the company and the Cyber Incident Response firm EFS has employed to contain the situation. The affected UK law enforcement agencies reported the incident to the Information Commissioner’s Office. There is no evidence to date that this crime was specifically targeting the UK company.

We have taken immediate steps to minimise the impact of this crime on the criminal justice system. The National Police Chiefs’ Council (NPCC) suspended use of EFS immediately and isolated police networks from the forensic service provider to retain their integrity. The NPCC put in place the national contingency plan and diverted urgent and priority submissions to alternative suppliers. Other forensic submissions are being managed nationally to ensure that sufficient capacity is available for all forces.

These measures are temporary but will remain in place for as long as necessary. The NPCC, the UK Accreditation Service and the Forensic Science Regulator are working closely with the company to assess when it can continue to resume accepting forensic submissions.

The Crown Prosecution Service (CPS) is working to ensure all hearings remain based on reliable evidence. While investigations are ongoing, prosecutors will assess the impact on a case-by-case basis working closely with partners across the CJS and EFS.

If prosecutors or the police believe that there may have been an impact, they will contact the victims or witnesses involved. But if any victims are concerned, national support services are also available. These include the 24-hour Victim Support helpline with details on the Ministry of Justice website. However, I want to stress that at present we have no reason to believe there has been an impact on the forensic evidence tested by EFS.

The serious nature of this incident highlights the importance of all firms being cyber-aware; and we urge businesses of all types and sizes to follow the guidance on this growing threat on the NCSC’s website.

The Government continue to assess and enhance our cyber-security capabilities and it is vital we build strong defences—and every person, organisation or business has a part to play.

The investigation into this serious cyber-attack remains live but we will use our understanding of this latest incident to limit future harm to the UK.