The June ransomware attack against one of the largest forensic labs in the U.K. continues to delay police investigations in Britain while authorities await test results.
At one point, authorities were confronted with a backlog of 20,000 forensic samples - including DNA and blood-samples - that were awaiting analysis for criminal cases, according to a report by the BBC.
Earlier this year, the systems of Eurofins Scientific were crippled in a ransomware attack, resulting in the lab paying a hefty ransom to retrieve its files (see: Report: UK's Largest Forensics Firm Pays Ransom to Attacker ).
Luxembourg-based Eurofins provides DNA testing, toxicology analysis, testing of firearms and other services to British police agencies as well as their counterparts in Europe, according to the company's website.
The computer files and systems targeted in the ransomware attack included sensitive information on DNA and blood samples, which were required for urgent court hearings and police investigations. This delayed these crucial processes for several weeks, according to a Friday statement from the U.K.'s National Policing Chief's Council.
In the wake of the June attack, the chief's council, which represents police chiefs throughout the U.K., suspended its ties with the lab and diverted its high-profile samples to other private labs in the country, according to the BBC.
The council, however, recently reversed course and is working with Eurofins again to clear cases, according to its statement. As of Friday, the backlog had been reduced from 20,000 cases down to 15,000 cases, according to Eurofins.
"This will regrettably mean some delays to both investigations and court cases, but I want to assure the public we will continue to work diligently to mitigate the impact upon the criminal justice system and try to ensure that samples can be processed as quickly as the system allows," says Assistant Chief Constable Paul Gibson, who oversees forensics for the chiefs' association.
The attack against Eurofins started in the first week of June, when an undisclosed strain of ransomware crippled its IT infrastructure not only in the U.K. but across several other countries as well.
"Forensics investigations are ongoing, but we have identified the variant of the malware used, and it is now being recognized and when detected neutralized by our IT security solutions," according to a statement from the company in June.
Although Eurofins reported no data theft or credential stealing, the company paid a ransom to the attacker to retrieve access to its data, according to published reports. The company has not commented on the extent of the attack or the size of the ransom.
The incident remains under investigation by the the U.K.'s National Crime Agency.