close
close

Critical incident reported after ransomware attack paralyzes several London hospitals

Several of London’s largest hospitals have cancelled operations and declared critical emergency status after a ransomware attack on a third-party provider left healthcare professionals without access to pathology services.

The attack, discovered on Monday, affected a company called Synnovis, which provides pathology services such as blood testing for transfusions to a number of healthcare organizations, according to reports and internal emails posted on social media.

“I can confirm that our pathology partner Synnovis has experienced a serious IT incident today which is ongoing and means we are currently disconnected from Synnovis’ IT servers,” wrote Ian Ebbs, chief executive of Guy’s and St Thomas’ NHS Foundation Trust, a hospital network.

The Royal Brompton and Harefield hospitals, the UK’s largest heart and lung centres, are also believed to be affected. The incident also affects King’s College Hospital NHS Foundation Trust “and primary care across south-east London,” Abbs wrote, “and has a significant impact on the delivery of our services, particularly affecting blood transfusions.”

Some appointments have already been cancelled or patients have been transferred to other providers at short notice due to the incident. The burden of additional patients on other hospitals may lead to further overloading of resources and the reporting of further critical incidents. It is unclear how long the disruption will last.

“I know how upsetting this is for patients and families whose care is affected, and how difficult and frustrating this is for all of you. I am very sorry for the disruption this is causing,” Abbs wrote.

The disruption to the blood transfusion IT system could have a significant impact on trauma cases, as urgently needed blood components are only transfused when “critically indicated for the patient,” a statement said.

Recorded Future News has contacted Synnovis, Guy’s and St Thomas’ NHS Foundation Trust and King’s College Hospital NHS Foundation Trust for comment but no response was received by the time of publication.

The attack is the latest of 215 ransomware incidents to affect the UK healthcare sector since January 2019, according to personal data breaches reported to the Information Commissioner’s Office (ICO).

According to this data, ransomware attacks in the UK reached record levels last year. Although the data suggests that incidents have fallen from a record 106 in 2022 to just 32 in 2023, both the ICO and the National Cyber ​​Security Centre have said they are “increasingly concerned” about ransomware victims not reporting incidents.

To tackle the ransomware crisis, Home Office officials had planned to launch a public consultation in June and propose radical measures – including requiring all victims to obtain a license before paying a ransom. But those plans were delayed by the Prime Minister’s call for new elections.

Attacks on the healthcare sector can have particularly serious consequences for patients. Earlier this year, cyber extortionists published confidential patient data stolen from the Scottish health system NHS Dumfries and Galloway in an attempt to extort money from the local health authority.

In a ransomware attack on Australian health insurer Medibank in 2022, criminals compromised patient histories and treatment data.

The criminals, who wanted to blackmail the Australian company and the affected patients, then began publishing sensitive data on the health services of around 480,000 people, including information on drug addiction treatment and abortions.

Get more insights with the

Recorded future

Intelligence Cloud.

Learn more.