London hospitals still facing ‘significant impact on delivery of NHS services’ after ransomware attack pinned on Russian cyber gang


Attack on key provider of pathology services continues to cause disruption to care at trusts operating nine hospitals and various primary care services, as experts attribute incident to criminal enterprise

Hospitals in London are experiencing “significant impact on the delivery of NHS services” following a cyberattack on a key provider of pathology services.

The attack took place on Monday and was perpetrated against Synnovis – a provider of pathology services created via a joint venture between the diagnostics firm SYNLABS and two major health-service hospital trusts: Guy’s and St Thomas’ NHS Foundation Trust;  and King’s College Hospital NHS Foundation Trust.

Between them, the two trusts operate nine hospitals across the capital, as well as a wide variety of community and other care services – treating a cumulative total of 10,000 patients every day.

The day following the attack, NHS England confirmed that the pathology provider had been hit with a ransomware assault which was causing a knock-on effect on frontline care services at the hospitals with which it works.

“On Monday 3 June Synnovis, a provider of lab services, was the victim of a ransomware cyberattack,” said a spokesperson for the health service’s London region. “This is having a significant impact on the delivery of services at Guy’s and St Thomas’, King’s College Hospital NHS Foundation Trusts and primary care services in south-east London and we apologise for the inconvenience this is causing to patients and their families. Emergency care continues to be available, so patients should access services in the normal way by dialling 999 in an emergency and otherwise using 111, and patients should continue to attend appointments unless they are told otherwise. We will continue to provide updates for local patients and the public about the impact on services and how they can continue to get the care they need.

They added: “We are working urgently to fully understand the impact of the incident with the support of the government’s National Cyber Security Centre and our cyber operations team.”


Related content


It is understood that, following the attack, Synnovis systems have been rendered inaccessible, leaving clinicians unable to access blood-test results or information related to transfusions.

Mark Dollar, chief executive of the pathology specialist, said that the incident “has affected all Synnovis IT systems, resulting in interruptions to many of our pathology services”.

“It is still early days and we are trying to understand exactly what has happened,” he added. “A taskforce of IT experts from Synnovis and the NHS is working to fully assess the impact this has had, and to take the appropriate action needed. We are working closely with NHS Trust partners to minimise the impact on patients and other service users. Regrettably this is affecting patients, with some activity already cancelled or redirected to other providers as urgent work is prioritised. We are incredibly sorry for the inconvenience and upset this is causing to patients, service users and anyone else affected. We are doing our best to minimise the impact and will stay in touch with local NHS services to keep people up to date with developments.”

Dollar added that the attack had been reported to both law enforcement and data regulator the Information Commissioner’s Office.

“We take cybersecurity very seriously at Synnovis and have invested heavily in ensuring our IT arrangements are as safe as they possibly can be,” he said. “This is a harsh reminder that this sort of attack can happen to anyone at any time and that, dispiritingly, the individuals behind it have no scruples about who their actions might affect.”

The individuals in question have been widely reported to represent Qilin: a cybercriminal organisation reportedly based in Russia. Its previous victims have included high-profile companies in Australia and France – as well as an attack earlier this year on the UK social enterprise and magazine publisher The Big Issue.

Speaking to the BBC’s Today programme, former director of the National Cyber Security Centre Ciaran Martin said that the attack was likely to have been opportunistic in nature, rather than targeted.

“They are simply looking for money,” he said. “It is unlikely they would have known that they would have caused such serious primary healthcare disruption when they set out to attack the company.”

Sam Trendall

Learn More →

Leave a Reply

Your email address will not be published. Required fields are marked *

Processing...
Thank you! Your subscription has been confirmed. You'll hear from us soon.
Subscribe to our newsletter
ErrorHere