NHS data breach: Over 3,000 appointments and operations cancelled amid reports of potential counteraction against attackers


Fallout from ransomware incident continues to have ‘significant impact on NHS services’ as data shows that more than 3,000 Londoners have seen their scheduled treatment postponed – including 184 cancer patients

The fallout from the cyberattack on NHS pathology provider Synnovis has seen more than 3,000 consultations or operations cancelled, as reports emerge that authorities could take retaliatory action against the alleged attackers.

Data released by NHS England shows that, as of 16 June, the two trusts that have been principally affected by the 3 June ransomware assault – Guy’s and St Thomas’ and King’s College Hospital – had cancelled a total of 3,328 planned interactions with patients as a result of the cyber incident. This comprised 1,134 elective procedures and 2,194 outpatient appointments.

A total of 184 cancer patients have seen their treatment postponed, while 64 organs have been diverted for transplant use by other hospitals.

During the first week after the attack, which has been widely attributed to Russian criminal gang Qilin, pathology services across the south-east London region were operating at only 10% of their typical capacity. This figure rose somewhat in the second week, but remained at only 30%, according to NHS data.

Medical director for NHS London Dr Chris Streather said that, while the affected hospital and other care facilities have begun to recover and the number of postponements is falling, “the cyberattack on Synnovis is continuing to have a significant impact on NHS services”.


Related content


“Having treatment postponed is distressing for patients and their families, and I would like to apologise to any patient who has been impacted by the incident, and staff are continuing to work hard to re-arrange appointments and treatments as quickly as possible,” he said. “Mutual aid agreements between NHS labs have begun to have a positive impact in primary care providers, helping increase the number of blood tests available for the most critical and urgent cases. Patients should access services in the normal way by dialling 999 in an emergency and otherwise use NHS 111 through the NHS App, online or on the phone. They should also continue to attend appointments unless they are told otherwise by the clinic team.”

The National Crime Agency and the National Cyber Security Centre have been assisting NHS bodies in investigating the attack and supporting recovery. A recent story in the Guardian also suggested that the law enforcement and intelligence bodies are conferring regarding potential “retaliatory action against Qilin”.

The gang is reported to have published online as many as 300 million items comprising 400GB data.

“There’s a specialist [NCA] team behind the scenes working to access, understand and remove the data if possible,” a source told the Guardian.

The attack was perpetrated on Synnovis, a joint venture between diagnostics firm Synlab and two major London NHS trusts: Guy’s and St Thomas’; and King’s College. The difficulties caused by the incident have resulted in the NHS making an urgent plea for blood donations from those with type O blood – which can be safely used in all patients, minimising the need for pathology checks.

Sam Trendall

Learn More →

Leave a Reply

Your email address will not be published. Required fields are marked *