London Hospitals Cancel Operations Following Ransomware Incident

Written by

Leading London hospitals have been forced to cancel operations and divert emergency patients following a cyber-attack on a critical supplier.

The incident has affected Guy’s and St Thomas’, King’s College Hospital NHS Foundation Trusts and primary care services in South East London, according to a statement from NHS England on June 4.

This follows a ransomware attack on Synnovis – a third-party provider of pathology services, including blood tests, swabs and bowel tests for the affected hospitals.

This has resulted a major impact on delivery of services, such as blood transfusions and test results.

A critical incident has been declared by Guy’s and St Thomas’ and King’s College Hospital, with The Independent reporting that staff have been told to prioritize urgent and emergency test results.

NHS England confirmed the ransomware attack on Synnovis took place on Monday June 3.

A spokesperson for NHS England London region said: “This is having a significant impact on the delivery of services at Guy’s and St Thomas’, King’s College Hospital NHS Foundation Trusts and primary care services in south east London and we apologise for the inconvenience this is causing to patients and their families.”

Emergency care remains available, and patients have been advised to continued accessing services in the normal way, including dialling 999 in an emergency.

The NHS is now working with the UK’s National Cyber Security Centre (NCSC) to understand the full impact of the incident.

NHS England added that NHS providers have tried and tested business continuity plans for instances like this, which includes offering mutual aid.

Healthcare a Favored Target for Ransomware Actors

The news follows a spate of ransomware incidents on healthcare organizations this year, which have severely impacted patient services and resulted in sensitive data being accessed.

This includes the attack on healthcare payments provider Change Healthcare in the US and Australia-based medical prescriptions provider MediSecure.

In March 2024, Scottish NHS Trust Dumfries and Galloway confirmed it had been hit by a ransomware attack, with patient clinical data published online by the attackers.

Andrew Whaley, Senior Technical Director of Promon, noted that the high level of disruption caused by attacking healthcare services, potentially even putting patient lives at risk, is viewed as a good opportunity to extort money from victims.

What’s hot on Infosecurity Magazine?