A major cyber attack on NHS hospitals in London has caused a number of procedures to be cancelled or changed.
The “major IT incident”, thought to have taken place on Monday, has hit King’s College Hospital, Guy’s and St Thomas’, including the Royal Brompton and the Evelina London Children’s Hospital, and primary care services.
According to letters sent to NHS staff, a number of procedures have been cancelled or redirected to other NHS providers, with blood transfusions said to have been especially impacted.
The cyber incident involves pathology services provider and NHS partner Synnovis. Senior sources told the Health Service Journal (HSJ) that the system was hit by a ransomware attack, which has disrupted connections to the main server for some departments.
One source said accessing some blood test results could take “weeks, not days”, delaying urgent and emergency care.
The NHS has faced several recent cyber attacks. Last month, a ransomware group released stolen patient data onto the dark web following an attack on NHS Dumfries and Galloway in March.
“When healthcare systems and data are unavailable, lives are potentially at risk. This makes the sector a tempting target for criminals,” explained Martin Lee, Cisco’s security research lead.
“Outages ply pressure on management to pay off the attackers to restore availability quickly. However, paying the ransom means that these attacks remain profitable and ultimately only serves to encourage further attacks,” he added.