Cyberattack on NHS Professionals Leads to Theft of Active Directory Database and Major Security Failures

In May 2024, cybercriminals breached NHS Professionals (NHSP), stealing its AD database. The attackers gained domain admin access and exfiltrated sensitive data, exposing critical security gaps.