Major hospitals in London have declared a critical incident after a cyber attack led to operations being canceled and patients being diverted elsewhere for care.
NHS officials said they were working with the National Cyber Security Center after the attack on Synnovis, which provides pathology services to major hospitals and GP practices in the capital.
The company said the ransomware attack affected all its IT systems, which also affected its pathology services.
Some procedures and operations have been canceled or referred to other NHS providers as hospital bosses continue to determine what work can be carried out safely.
Healthcare leaders said there has been a “significant impact” on King’s College Hospital, Guy’s and St Thomas’ and GP services in south-east London.
A memo to staff said the ‘critical incident’ had had a ‘major impact’ on services, with blood transfusions particularly affected.
Patients have described last-minute cancellations of surgeries and blood tests.
Oliver Dowson, 70, was being prepared for surgery from 6am on June 3 at Royal Brompton when he was told by a surgeon at around 12.30pm that the operation would not go ahead.
He told the PA news agency: “Staff on the ward did not seem to know what had happened, only that many patients were told to go home and wait for a new date.
“I’ve been given a date for next Tuesday and I’m crossing my fingers – it’s not the first time they’ve canceled, they did that on May 28 too, but that was probably a staff shortage in the half week.”
Vanessa Welham, from Streatham, south-west London, said her husband’s blood test at Gracefield Gardens health center was canceled on Monday evening and he was told local centers were not taking bookings “indefinitely”.
She told PA: “My husband received a text message last night informing him that his appointment this morning had been canceled due to circumstances beyond their control, and that all major hospitals in South London – King’s, St Thomas’, Guys, Evalina and Gracefield Gardens – we cannot accept bookings for an indefinite period.
“He went to the Swift website and made a new appointment – the first available appointment was June 17, but that’s probably questionable.”
A spokesperson for the NHS England London region said: “On Monday 3 June, Synnovis, a laboratory services provider, fell victim to a ransomware cyber attack.
“This has a significant impact on the delivery of services at Guy’s and St Thomas’, King’s College Hospital NHS Foundation Trusts and primary care services across South East London, and we apologize for any inconvenience this may cause to patients and their families.
“Emergency care remains available so patients should access services as normal by calling 999 in an emergency or using 111 otherwise, and patients should continue to attend appointments unless told otherwise.
“We will continue to provide updates to local patients and the public on the impact on services and how they can continue to get the care they need.
“We are working urgently to fully understand the impact of the incident, with the support of the government’s National Cyber Security Center and our cyber operations team.”
Synnovis CEO Mark Dollar confirmed that the company had fallen victim to a ransomware cyber attack, adding: “This has impacted all of Synnovis’ IT systems, leading to disruptions to many of our pathology services.
“It is still early and we are trying to understand what exactly happened. A taskforce of IT experts from Synnovis and the NHS is working to fully assess the impact of this and take the necessary action.
“Unfortunately, this is impacting patients, with some activities having already been canceled or referred to other providers as urgent work is prioritised.
“We are deeply sorry for the inconvenience and distress this is causing to patients, service users and everyone else involved. We are doing our best to minimize the impact and will remain in contact with local NHS services to keep people informed of developments.
“At Synnovis we take cyber security very seriously and have invested heavily to ensure that our IT arrangements are as secure as possible. This is a harsh reminder that these types of attacks can happen to anyone at any time and that, dishearteningly, the individuals behind them have no qualms about the consequences of their actions.
“The incident is being reported to law enforcement and the Information Commissioner, and we are working with the National Cyber Security Center and the Cyber Operations Team.”
Healthcare sources have told the Health Service Journal (HSJ) that accessing pathology results could take “weeks rather than days”.
Synnovis was created from a partnership between SynLab UK and Ireland, Guy’s and St Thomas’ NHS Foundation Trust and King’s College Hospital NHS Foundation Trust.
In 2021 it was announced that SynLab would work with the NHS to provide pathology services in hospitals and GP services in South East London.
In addition to serving King’s and Guys’ and St Thomas’, the pathology service also focuses on South London and Maudsley and Oxleas NHS Foundation Trusts and a number of GP practices, clinics and other community services in the boroughs of Southwark, Lambeth, Bromley, Bexley, Greenwich and Lewisham.
Pathology services help diagnose and treat diseases and infections by analyzing samples, including blood and tissue.
Commenting on the attack, cyber security expert Steve Sands from BCS – the Chartered Institute for IT, said: “This incident is a reminder that the ransomware threat is now an ever-present danger to critical institutions, from schools to hospitals.
“Of course the perpetrators have no conscience and will attack any organization whose cyber defenses are not sufficiently robust.
“We need to ensure that all public sector organizations have contingency plans to manage cyber attacks, that staff are regularly trained on risks and that there is adequate investment in software resilience.
“Whoever forms the next government must ensure that the NHS has these resources and that they are spent appropriately to ensure lives are not put at risk.”
Professor Awais Rashid, head of the Bristol Cyber Security Group at the University of Bristol, added: “Digital infrastructures that critical services, such as those of the NHS, rely on are often a complex combination of many different systems and services from third parties. providers. Therefore, cyber attacks can have significant and substantial cascading impacts, as we see in this unfolding situation where critical healthcare services are being affected.
“There are countless intersections of complex technologies and supply chains of software and services. Attackers are increasingly targeting these elements, leading to large-scale disruptions of important social functions.
“We need ways to ensure that critical services like healthcare continue to function safely and reliably, even when parts of the infrastructure are attacked or compromised.”
A government spokesperson said: “Patient safety is our priority and the Department of Health and Social Care, NHS England and the National Cyber Security Center are working together to investigate the impact of a cyber incident involving a pathology provider.
“Support is being provided to the company and we are working with them to minimize the impact on services for a number of NHS organizations in South East London.