The Man Who “Saved the NHS” Forced to Move House After Tabloids Reveal His Address

The tech security expert who activated a “kill switch” to halt the NHS cyber attack has reportedly been forced to move house, after British tabloids allegedly published his address online.

Marcus Hutchins, who previously operated anonymously under the alias MalwareTech, claimed that “one of the largest UK newspapers” had revealed details about his address, which has now forced him to move from out of his family’s home in England. The tech blogger, who works for a US security firm but is based in the UK, wrote in a now-deleted tweet: “Tabloids here don’t care about the story, they care about every detail of the person behind it and will go to extreme lengths to find out.

“One of the largest UK newspapers published a picture of my house, full address, and directions to get there… now I have to move.” He added: “Journalist doxed a friend then rang them offering money for my gf’s name and phone number, one turned up at another friend’s house.”

Hutchins initially remained anonymous online, posting to his blog MalwareTech and his Twitter account. However, after successfully thwarting an international ransomware attack that had brought the NHS’s computer system to its knees, the 22-year-old revealed his identity to the media. “I didn’t try to become famous, I tried to remain anonymous and was dragged into the spotlight,” Hutchins said of his decision to reveal his identity.


The cyber attack made use of a vulnerability in Microsoft’s Windows operating system, with it displaying a message requesting money on the computers it affected. Hutchins thwarted the ransomware attack and was subsequently rewarded $10,000 by the ethical hacking group HackerOne, alongside a year’s supply of pizza from Just Eat. He has stated that he has donated some of the money to various charities. The tech whiz also told followers to not retaliate on his behalf, encouraging them “not to witch-hunt journalists” as a result of his address being outed, adding that there were “good ones”.

It has been reported that the ransomware attack was orchestrated by a special cell in North Korea’s spy agency, with defectors from the country and internet experts pointing to its “Unit 180” group as the most likely suspects. According to experts, the hacker are going overseas to countries with better internet connection in order for the attack to not be traced back to them. The North Korean government has labelled these accusations as “ridiculous”.

Image Credit: Marcus Hutchins (top) / Health Service Journal (middle)