NHS England London on Friday revealed that more than 800 planned operations and 700 outpatient appointments were forced to be rescheduled following a ransomware cyber attack on London hospitals.
The interruption was caused when threat actors targeted Synnovis, a pathology services provider that helps manage blood tests, primarily in South East London. Synnovis, formerly Viapath, is a partnership between Guy’s and St Thomas’ NHS Foundation Trust, King’s College Hospital NHS Foundation Trust, and SYNLAB UK & Ireland.
The attack had caused a โsignificant reduction in the number of tests which can be processed and reported back to clinical teamsโ, revealed NHS London.
The two most affected Trusts were Kingโs College Hospital NHS Foundation Trust and Guyโs and St Thomasโ NHS Foundation Trust,ย the UKโs NHS said in an update on Friday.
Qilin, a Russian group of cyber criminals, is understood to be behind the cyber attack on Synnovis on Monday, June 3. The attack locked the pathology services provider out of its systems until Sunday, June 9.
Official authorities expect the disruption to be felt for some time and believe it will likely take months for Synnovis to fully restore its systems.
“Synnovis is focused on the technical recovery of the system, with plans in place to begin restoring some functionality in its IT system in the weeks to come. Full technical restoration will take some time, however, and the need to re-book tests and appointments will mean some disruption from the cyber incident will continue to be felt over coming months,” the NHS added.
โThe cyber attack has had a significant impact on our services, and this is likely to remain the case for some time yet. Despite the superb efforts of our staff and support from partners across London to continue caring for patients, we have had to postpone a number of operations and appointments which we are working to reschedule as quickly as possible,โ Professor Ian Abbs, chief executive of Guyโs and St Thomasโ NHS Foundation Trust, and Professor Clive Kay, chief executive of Kingโs College Hospital NHS Foundation Trust, said in a joint statement.
โWe fully recognise the distress that any delays in care can cause for our patients and their families, and we are very sorry for this. In the meantime, we would urge patients to attend for their appointments as planned unless they are contacted.โ
In response, NHS England London declared the cyber attack a regional incident and has been working to cover affected services by using neighboring providers and national partners.
The measures include ensuring patients needing time-sensitive care can receive it, including having operations at other hospitals; increasing the number of tests that can be reported per day; rerouting blood tests from GP surgeries; and working with NHS Blood and Transplant (NHSBT) to provide extra stocks of โuniversalโ blood types, which do not need patients to have tests before receiving transfusions.
Further, urgent and emergency services in the local area are available as usual, and patients are advised to access services in the usual way by dialing 999 in case of emergency and otherwise using NHS 111 through the NHS App, online, or on the phone.
St Georgeโs University Hospitals NHS Foundation Trust has also set up an incident response room to manage requests and share information more easily. This will ensure that the trust can continue to provide services to its own patients while supporting others.
Also, NHS England London said that it will publish unverified management information weekly to offer a clearer picture of the extent of this disruption.
