Two hospital trusts and a number of GP services in London have been disrupted by a cyber attack.
The incident has spread through the IT systems of Synnovis, a pathology partnership between Guy’s and St Thomas’ NHS Foundation Trust and King’s College Hospitals NHS Trust, and SYNLAB, a provider of medical testing and diagnostics.
Synnovis has said it was subject to a ransomware attack and acknowledged the impact on services within the two partner hospitals, as well as GP services across the boroughs of Bexley, Greenwich, Lewisham, Bromley, Southwark and Lambeth.
A statement from the organisation’s CEO, Mark Dollar, said: “It is still early days and we are trying to understand exactly what has happened. A taskforce of IT experts from Synnovis and the NHS is working to fully assess the impact this has had, and to take the appropriate action needed. We are working closely with NHS trust partners to minimise the impact on patients and other service users.
“Regrettably this is affecting patients, with some activity already cancelled or redirected to other providers as urgent work is prioritised. We are incredibly sorry for the inconvenience and upset this is causing to patients, service users and anyone else affected. We are doing our best to minimise the impact and will stay in touch with local NHS services to keep people up to date with developments.
“We take cyber security very seriously at Synnovis and have invested heavily in ensuring our IT arrangements are as safe as they possibly can be. This is a harsh reminder that this sort of attack can happen to anyone at any time and that, dispiritingly, the individuals behind it have no scruples about who their actions might affect.
“The incident is being reported to law enforcement and the information commissioner, and we are working with the National Cyber Security Centre and the Cyber Operations Team.
“We will share further updates as we know more.”
Procedures disrupted
According to a report by the BBC, emergency care is still available at the hospitals but some procedures have been cancelled or redirected to other NHS providers.
BCS, the Chartered Institute for IT, issued a statement from one of its cyber security experts, Steve Sands, saying: “We need to ensure that all public sector organisations have contingency plans in place to manage cyber attacks, that staff are regularly trained on risk and there is sufficient investment in software resilience.
“Whoever forms the next Government needs to make sure the NHS has this resource and that it is spent correctly, to ensure that lives are not put at risk.”
