The UK’s biggest provider of forensic services has paid a ransom to criminals after its IT systems were disrupted in a cyber-attack, BBC News has learned.
Eurofins Scientific was infected with a ransomware computer virus a month ago, which led British police to suspend work with the global testing company.
At the time, the firm described the attack as “highly sophisticated”.
BBC News has not been told how much money was involved in the ransom payment or when it was paid.
The National Crime Agency (NCA) said it was a “matter for the victim” as to whether a ransom had been paid.
The agency, which is investigating the attack, said: “As there is an ongoing criminal investigation, it would be inappropriate to comment.”
Eurofins previously said the attack was “well-resourced” but three weeks later said its operations were “returning to normal”.
Cyber-attack hits police forensic work
It said it would also not comment on whether a ransom had been paid or not.
It added it was “collaborating with law enforcement” in the UK and elsewhere.
The ransomware attack hit the company, which accounts for over half of forensic science provision in the UK, on the first weekend in June.
Ransomware is a computer virus that prevents users from accessing their system or personal files. Messages sent by the perpetrators demand a payment in order to unlock the frozen accounts.
Eurofins deals with over 70,000 criminal cases in the UK each year.
It carries out DNA testing, toxicology analysis, firearms testing and computer forensics for police forces across the UK.
Forensic science work has been carried out by private firms and police laboratories in England and Wales since the closure of the government’s Forensic Science Service in 2012.
‘Court hearings postponed’
An emergency police response to the cyber-attack was led by the National Police Chiefs’ Council (NPCC) to manage the flow of forensic submissions so DNA and blood samples which needed urgent testing were sent to other suppliers.