RCHNT
Company Details
Linkedin ID:
royalcornwallnhs
Employees number:
1,800
Number of followers:
10,757
NAICS:
62
Industry Type:
Homepage:
mtr.bio
IP Addresses:
3
Company ID:
ROY_2480534
Scan Status:
Completed
Royal Cornwall Hospitals NHS Trust Company CyberSecurity Posture
mtr.bio
The Royal Cornwall Hospitals NHS Trust (RCHT) was founded in 1992 as part of the second wave of NHS Trusts to be established in England. We have three main hospital sites: Royal Cornwall Hospital, Truro; St Michael’s Hospital, Hayle; and West Cornwall Hospital, Penzance. RCHT also provides imaging and outpatient services at a number of locations across Cornwall and the Isles of Scilly, as well as birthing centres in St Austell, Helston and on the Isles of Scilly. We serve around 474,000 residents across Cornwall and the Isles of Scilly, with the remainder of Cornwall’s population in the east and far north of the county looking to Plymouth and North Devon respectively, for their acute hospital services. As a year round tourist destination, the number of people we care for is boosted by holidaymakers, which can more than double our population at the busiest times. Around 6,700 people work together across our hospitals and services, including 400 volunteers and an in-house bank of over 1500 people working flexibly to help us respond to changes in demand. The Trust has teaching hospitals status as part of the Peninsula College of Medicine and Dentistry (PCMD) and University of Exeter Medical School. Keeping at the forefront of medical advances, the Trust is continually developing its clinical services and is committed to maximising the range of specialist care that can be offered locally. Allied to this is a growing reputation for research and innovation. The Knowledge Spa on the Royal Cornwall Hospital site, the Cornwall base for medical students and the University of Plymouth Faculty of Health and Social Work, has further enhanced a strong reputation for training and education. This plays a vital part in attracting and retaining the Trust’s highly skilled teams of doctors, nurses and other health professionals who care for well over half a million people each year.
Royal Cornwall Hospitals NHS Trust A.I CyberSecurity Scoring
RCHNT Risk Score (AI oriented)Between 650 and 699
RCHNT
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
RCHNT Global Score (TPRM)XXXX
RCHNT
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
RCHNT Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Royal Cornwall Hospitals NHS Trust: Royal Cornwall Hospital staff's sick days exposed in data leak
Breach
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: **Royal Cornwall Hospitals NHS Trust Data Breach Exposes Staff Sickness Records** The Royal Cornwall Hospitals NHS Trust has notified 8,100 current and former employees after a data breach exposed sensitive staffing information. The incident occurred when an editable spreadsheet containing personal details—including names, job titles, and sickness absence records—was inadvertently disclosed in response to a Freedom of Information (FOI) request. While no patient data or financial information was compromised, the breach revealed internal staffing details, raising concerns over employee privacy. The trust acknowledged the error, issued an apology, and confirmed immediate corrective measures were taken. Authorities emphasized the organization’s commitment to safeguarding personal information following the incident.
RCHNT Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for RCHNT
Incidents vs Hospitals and Health Care Industry Average (This Year)
Royal Cornwall Hospitals NHS Trust has 33.33% more incidents than the average of same-industry companies with at least one recorded incident.
Incidents vs All-Companies Average (This Year)
Royal Cornwall Hospitals NHS Trust has 53.85% more incidents than the average of all companies with at least one recorded incident.
Incident Types RCHNT vs Hospitals and Health Care Industry Avg (This Year)
Royal Cornwall Hospitals NHS Trust reported 1 incidents this year: 0 cyber attacks, 0 ransomware, 0 vulnerabilities, 1 data breaches, compared to industry peers with at least 1 incident.
Incident History — RCHNT (X = Date, Y = Severity)
RCHNT cyber incidents detection timeline including parent company and subsidiaries
RCHNT Company Subsidiaries
The Royal Cornwall Hospitals NHS Trust (RCHT) was founded in 1992 as part of the second wave of NHS Trusts to be established in England. We have three main hospital sites: Royal Cornwall Hospital, Truro; St Michael’s Hospital, Hayle; and West Cornwall Hospital, Penzance. RCHT also provides imaging and outpatient services at a number of locations across Cornwall and the Isles of Scilly, as well as birthing centres in St Austell, Helston and on the Isles of Scilly. We serve around 474,000 residents across Cornwall and the Isles of Scilly, with the remainder of Cornwall’s population in the east and far north of the county looking to Plymouth and North Devon respectively, for their acute hospital services. As a year round tourist destination, the number of people we care for is boosted by holidaymakers, which can more than double our population at the busiest times. Around 6,700 people work together across our hospitals and services, including 400 volunteers and an in-house bank of over 1500 people working flexibly to help us respond to changes in demand. The Trust has teaching hospitals status as part of the Peninsula College of Medicine and Dentistry (PCMD) and University of Exeter Medical School. Keeping at the forefront of medical advances, the Trust is continually developing its clinical services and is committed to maximising the range of specialist care that can be offered locally. Allied to this is a growing reputation for research and innovation. The Knowledge Spa on the Royal Cornwall Hospital site, the Cornwall base for medical students and the University of Plymouth Faculty of Health and Social Work, has further enhanced a strong reputation for training and education. This plays a vital part in attracting and retaining the Trust’s highly skilled teams of doctors, nurses and other health professionals who care for well over half a million people each year.
Loading...
RCHNT Similar Companies
UC San Diego Health
UC San Diego Health and Health Sciences has been caring for the community and producing physicians for more than 50 years. In 1966, we established our first medical center. Two years later, in 1968, UC San Diego School of Medicine opened for business. Today, UC San Diego Health is the only academic
Oregon Health & Science University
At OHSU, we deliver breakthroughs for better health. We're driven by the belief that better health starts with innovations in the lab, in the classroom, at the bedside and in our communities. From cancer to Alzheimer's to cardiovascular care, we collaborate every day to identify and deliver new wa
OSF HealthCare
OSF HealthCare is an integrated health system founded by The Sisters of the Third Order of St. Francis. Headquartered in Peoria, Illinois, OSF HealthCare has 17 hospitals – 11 acute care, five critical access and one continuing care – with 2,305 licensed beds throughout Illinois and Michigan. OSF e
Queensland Health
Queensland Health is the state's largest healthcare provider. We are committed to ensuring all Queenslanders have access to a range of public healthcare services aimed at achieving good health and well-being. Through a network of 16 Hospital and Health Services, as well as the Mater Hospitals, Quee
Bupa
Bupa's purpose is helping people live longer, healthier, happier lives and making a better world. We are an international healthcare company serving over 38 million customers worldwide. With no shareholders, we reinvest profits into providing more and better healthcare for the benefit of current an
Omega Healthcare Management Services
Founded in 2003, Omega Healthcare Management Services® (Omega Healthcare) empowers healthcare to thrive via intelligent solutions that optimize revenue cycle operations, administrative workflows, care coordination, and clinical research on a global scale. The company works with providers, payers, li
Cedars-Sinai
Since its beginning in 1902, Cedars-Sinai has evolved to meet the healthcare needs of one of the most diverse regions in the nation, continually setting new standards for quality and innovation in patient care, research, teaching and community service. Today, Cedars-Sinai is widely known for its na
Inova Health
We are Inova, Northern Virginia and the Washington, D.C. metropolitan area’s leading nonprofit healthcare provider. With expertise and compassion, we partner with our patients to help them stay healthy. We treat illness, heal injury and look at a patient’s whole health to help them flourish. Through
Penn Medicine, University of Pennsylvania Health System
Penn Medicine’s mission is to advance knowledge and improve health through research, patient care, and the education of trainees in an inclusive culture that embraces diversity, fosters innovation, stimulates critical thinking, supports lifelong learning, and sustains our legacy of excellence. Penn
.png)
RCHNT CyberSecurity News
December 09, 2025 01:37 PM
Hospital staff sick days exposed in data breach
Personal details of thousands of current and former staff working for a hospital trust have been exposed in a data breach. Royal Cornwall...
November 28, 2025 08:00 AM
Parents of girl who died after surgery urge change
The family of Amber Milnes are urging parents to trust their instincts and question doctors.
September 03, 2025 07:00 AM
Devon and Cornwall hospitals go live with digital pathology solution
Two NHS trusts in Devon and Cornwall have gone live with a digital pathology solution to enable faster cancer diagnosis.
August 18, 2025 07:00 AM
The 17 trusts missing NHSE’s new A&E handover target
More than a dozen trusts have not been meeting a new “maximum” NHS England standard through the spring and summer, HSJ can reveal.
July 26, 2025 07:00 AM
Surgeon Accused of Getting His Own Legs Cut Off for Insurance Reasons
A surgeon was accused of fraud for getting his legs amputated and lying to insurance that the amputation was due to sepsis.
June 23, 2025 07:00 AM
HTN ICS digital and data region series: South West
We're heading over to the South West region, to take a deep dive into some of the latest developments, insights, and strategies around digital and data.
May 27, 2025 07:00 AM
28 NHS hospitals to receive advanced radiotherapy technology
New radiotherapy machines will cut waiting times and help 4500 more patients get NHS cancer treatment faster.
April 17, 2025 07:00 AM
AI solution to detect lung cancer launches in south west England
Peninsula Imaging Network (PenRAD) has gone live with Qure.ai's AI for chest CT (qCT) to help detect lung cancer quicker.
April 16, 2025 07:00 AM
U.K. group goes live with Qure.ai chest CT program
The Peninsula imaging network (PenRAD) has become the first UK imaging group to deploy Qure.ai's AI-powered software for chest CT (qCT).
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
RCHNT CyberSecurity History Information
Official Website of Royal Cornwall Hospitals NHS Trust
The official website of Royal Cornwall Hospitals NHS Trust is https://mtr.bio/RoyalCornwallHospitals.
Royal Cornwall Hospitals NHS Trust’s AI-Generated Cybersecurity Score
According to Rankiteo, Royal Cornwall Hospitals NHS Trust’s AI-generated cybersecurity score is 691, reflecting their Weak security posture.
How many security badges does Royal Cornwall Hospitals NHS Trust’ have ?
According to Rankiteo, Royal Cornwall Hospitals NHS Trust currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Royal Cornwall Hospitals NHS Trust have SOC 2 Type 1 certification ?
According to Rankiteo, Royal Cornwall Hospitals NHS Trust is not certified under SOC 2 Type 1.
Does Royal Cornwall Hospitals NHS Trust have SOC 2 Type 2 certification ?
According to Rankiteo, Royal Cornwall Hospitals NHS Trust does not hold a SOC 2 Type 2 certification.
Does Royal Cornwall Hospitals NHS Trust comply with GDPR ?
According to Rankiteo, Royal Cornwall Hospitals NHS Trust is not listed as GDPR compliant.
Does Royal Cornwall Hospitals NHS Trust have PCI DSS certification ?
According to Rankiteo, Royal Cornwall Hospitals NHS Trust does not currently maintain PCI DSS compliance.
Does Royal Cornwall Hospitals NHS Trust comply with HIPAA ?
According to Rankiteo, Royal Cornwall Hospitals NHS Trust is not compliant with HIPAA regulations.
Does Royal Cornwall Hospitals NHS Trust have ISO 27001 certification ?
According to Rankiteo,Royal Cornwall Hospitals NHS Trust is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Royal Cornwall Hospitals NHS Trust
Royal Cornwall Hospitals NHS Trust operates primarily in the Hospitals and Health Care industry.
Number of Employees at Royal Cornwall Hospitals NHS Trust
Royal Cornwall Hospitals NHS Trust employs approximately 1,800 people worldwide.
Subsidiaries Owned by Royal Cornwall Hospitals NHS Trust
Royal Cornwall Hospitals NHS Trust presently has no subsidiaries across any sectors.
Royal Cornwall Hospitals NHS Trust’s LinkedIn Followers
Royal Cornwall Hospitals NHS Trust’s official LinkedIn profile has approximately 10,757 followers.
NAICS Classification of Royal Cornwall Hospitals NHS Trust
Royal Cornwall Hospitals NHS Trust is classified under the NAICS code 62, which corresponds to Health Care and Social Assistance.
Royal Cornwall Hospitals NHS Trust’s Presence on Crunchbase
No, Royal Cornwall Hospitals NHS Trust does not have a profile on Crunchbase.
Royal Cornwall Hospitals NHS Trust’s Presence on LinkedIn
Yes, Royal Cornwall Hospitals NHS Trust maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/royalcornwallnhs.
Cybersecurity Incidents Involving Royal Cornwall Hospitals NHS Trust
As of December 09, 2025, Rankiteo reports that Royal Cornwall Hospitals NHS Trust has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Royal Cornwall Hospitals NHS Trust has an estimated 30,716 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Royal Cornwall Hospitals NHS Trust ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
How does Royal Cornwall Hospitals NHS Trust detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an incident response plan activated with immediate action taken, and communication strategy with written apology to affected employees..
Incident Details
Can you provide details on each incident ?
Title: Hospital staff sick days exposed in data breach
Description: Personal details of thousands of current and former staff working for a hospital trust have been exposed in a data breach. Royal Cornwall Hospitals NHS Trust said it had written to 8,100 current and former employees after an editable spreadsheet containing staffing data was 'inadvertently disclosed' as part of a Freedom of Information (FOI) request. The names and job titles of staff together with descriptions about sickness absences and their dates were disclosed, but no patient data or financial information was compromised.
Type: Data Breach
Attack Vector: Inadvertent Disclosure
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach ROY1765289106
Data Compromised: Staff personal details, job titles, sickness absences, and dates
Brand Reputation Impact: Likely negative impact due to apology issued
Identity Theft Risk: Potential risk due to exposure of personal details
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personal details, job titles, sickness absences and dates.
Which entities were affected by each incident ?
Incident : Data Breach ROY1765289106
Entity Name: Royal Cornwall Hospitals NHS Trust
Entity Type: Healthcare
Industry: Healthcare
Location: Cornwall, UK
Customers Affected: 8,100 current and former employees
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach ROY1765289106
Incident Response Plan Activated: Immediate action taken
Communication Strategy: Written apology to affected employees
What is the company's incident response plan?
Incident Response Plan: The company's incident response plan is described as Immediate action taken.
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach ROY1765289106
Type of Data Compromised: Personal details, job titles, sickness absences, dates
Number of Records Exposed: 8,100
Sensitivity of Data: Moderate (personal details, sickness records)
File Types Exposed: Spreadsheet
Personally Identifiable Information: Names, job titles, sickness absence details
Regulatory Compliance
Were there any regulatory violations and fines imposed for each incident ?
Incident : Data Breach ROY1765289106
Regulations Violated: Likely GDPR (UK Data Protection Act 2018)
References
Where can I find more information about each incident ?
Incident : Data Breach ROY1765289106
Source: News Article
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: News Article.
Investigation Status
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Written apology to affected employees.
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Data Breach ROY1765289106
Root Causes: Inadvertent disclosure of editable spreadsheet in FOI request
Additional Questions
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Staff personal details, job titles, sickness absences and and dates.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Staff personal details, job titles, sickness absences and and dates.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 8.1K.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is News Article.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Tuleap is a free and open source suite for management of software development and collaboration. Versions of Tuleap Community Edition prior to 17.0.99.1763126988 and Tuleap Enterprise Edition prior to 17.0-3 and 16.13-8 have missing CSRF protections which allow attackers to create or remove tracker triggers. This issue is fixed in Tuleap Community Edition version 17.0.99.1763126988 and Tuleap Enterprise Edition versions 17.0-3 and 16.13-8.
Risk Information
cvss3
Base: 4.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L
References
- https://github.com/Enalean/tuleap/commit/71d427b0f7ed8fa269a5ee6f7a557cf3dfc99cd4
- https://github.com/Enalean/tuleap/security/advisories/GHSA-f2xv-x3g6-4j9p
- https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=71d427b0f7ed8fa269a5ee6f7a557cf3dfc99cd4
- https://tuleap.net/plugins/tracker/?aid=45618
Description
Tuleap is a free and open source suite for management of software development and collaboration. Tuleap Community Editon versions prior to 17.0.99.1762456922 and Tuleap Enterprise Edition versions prior to 17.0-2, 16.13-7 and 16.12-10 are vulnerable to CSRF attacks through planning management API. Attackers have access to create, edit or remove plans. This issue is fixed in Tuleap Community Edition version 17.0.99.1762456922 and Tuleap Enterprise Edtion versions 17.0-2, 16.13-7 and 16.12-10.
Risk Information
cvss3
Base: 4.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L
References
- https://github.com/Enalean/tuleap/commit/1734a7bb2964042310ddc3f6dd7b4c82eee27526
- https://github.com/Enalean/tuleap/security/advisories/GHSA-9h47-jg7r-ww7x
- https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=1734a7bb2964042310ddc3f6dd7b4c82eee27526
- https://tuleap.net/plugins/tracker/?aid=45592
Description
Tuleap is an Open Source Suite for management of software development and collaboration. Tuleap Community Edition versions below 17.0.99.1762444754 and Tuleap Enterprise Edition versions prior to 17.0-2, 16.13-7 and 16.12-10 allow attackers trick victims into changing tracker general settings. This issue is fixed in version Tuleap Community Edition version 17.0.99.1762444754 and Tuleap Enterprise Edition versions 17.0-2, 16.13-7 and 16.12-10.
Risk Information
cvss3
Base: 4.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L
References
- https://github.com/Enalean/tuleap/commit/993316dd6a291bb3937cb7a4571eaab0e7d55370
- https://github.com/Enalean/tuleap/security/advisories/GHSA-vxfh-h8p6-p5rg
- https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=993316dd6a291bb3937cb7a4571eaab0e7d55370
- https://tuleap.net/plugins/tracker/?aid=45593
Description
Tuleap is an Open Source Suite for management of software development and collaboration. Versions below 17.0.99.1762431347 of Tuleap Community Edition and Tuleap Enterprise Edition below 17.0-2, 16.13-7 and 16.12-10 allow attackers to access file release system information in projects they do not have access to. This issue is fixed in version 17.0.99.1762431347 of the Tuleap Community Edition and versions 17.0-2, 16.13-7 and 16.12-10 of Tuleap Enterprise Edition.
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
References
- https://github.com/Enalean/tuleap/commit/403eb69f4cfafe52254c8f9bdbe66e1fedadc254
- https://github.com/Enalean/tuleap/security/advisories/GHSA-v6vm-6rxf-7p2v
- https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=403eb69f4cfafe52254c8f9bdbe66e1fedadc254
- https://tuleap.net/plugins/tracker/?aid=45583
Description
IBM watsonx.data 2.2 through 2.2.1 could allow an authenticated user to cause a denial of service through ingestion pods due to improper allocation of resources without limits.
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=royalcornwallnhs' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
