Cyber Incident Victim: DXS International

DXS International, a UK-based technology supplier that provides NHS-approved clinical support solutions for clinicians and patients, confirmed that it had been hit by a cyber-attack. The incident was discovered on December 14, 2025, and the company reported that its office servers were affected. DXS International filed a notification with the London Stock Exchange on December 18, 2025, detailing the cyber-attack. The filing stated that the attack caused minimal impact on the company's services and that front-line clinical services remained unaffected and operational.

DXS International indicated that it did not anticipate the incident would have an adverse financial impact at the time of the filing. The company emphasized that its NHS-approved clinical support solutions continued to be available to clinicians and patients without disruption. As an official partner of NHS England, DXS International noted that the attack did not interfere with any NHS services it supports. The filing did not include additional specifics regarding data loss or system compromise.

On December 14, 2025, the threat actor known as Devman listed DXS International on their data leak site. Devman claimed to have stolen 300 gigabytes of data from the company and threatened to release it on December 20, 2025. DXS International has not confirmed the claim, and the NHS has not validated the alleged data theft. The company’s public response has been limited to the London Stock Exchange filing and the statements regarding minimal impact and continued service availability.