Ransomware computer attack on London hospitals still 'critical' incident with operations cancelled

Guy’s and St Thomas’ Hospital is among those affected by the cyber attack (Georgie Gillard/PA) (PA Archive)
Guy’s and St Thomas’ Hospital is among those affected by the cyber attack (Georgie Gillard/PA) (PA Archive)

Major hospitals in London are still cancelling operations more than three days after a cyber attack, the NHS has said.

A critical incident was declared on Tuesday after hospitals using patholgy services provided by computer firm Synnovis were attacked.

King’s College Hospital, Guy’s and St Thomas’, the Royal Brompton and the Evelina London Children’s Hospital are among those hit.

The incident has had a "major impact" on services, especially blood transfusions and test results.

The ransomware attack was first detected on Monday with some hospital departments unable to connect with main servers. Twenty four hours later the issue was upgraded to a critical incident.

In an update on Thursday the NHS said Guy’s and St Thomas’ NHS Foundation Trust and King’s College Hospital NHS Foundation Trust remain in a critical incident.

Meanwhile Oxleas NHS Foundation Trust, South London and Maudsley NHS Foundation Trust, Lewisham and Greenwich NHS Trust, Bromley Healthcare, and primary care services in South East London continue to be hit.

Chris Streather, Medical Director for NHS England London, said: “NHS staff are working around the clock to minimise disruption to patient care following the ransomware cyber-attack on Synnovis earlier this week.

“Pathology services at the impacted sites are available – albeit at a reduced capacity – with the most urgent cases being prioritised.

“Unfortunately, some non-urgent operations and procedures including transplants continue to be postponed, while nearly all non-urgent blood tests have been postponed in primary care services in South East London.

“We are sorry to all those who have been impacted and staff will work hard to re-arrange appointments and treatments as quickly as possible.

“Urgent and emergency services are available as usual so patients should access services in the normal way by dialling 999 in an emergency and otherwise use NHS 111 through the NHS App, online or on the phone.

“If you have not heard from your healthcare provider, please attend appointments as normal as services including outpatients and community services are mostly running as usual, including cervical screening.”

A spokesperson from Synnovis said the company had sent in a "taskforce of IT experts" to "fully assess" the impact.

The NHS apologised for the inconvenience and said it was working with the National Cyber Security Centre to understand the impact.

A Russian cyber crime group is behind the ransomware attack the former chief executive of the National Cyber Security Centre has claimed.

Ciaran Martin said the attack had the hallmarks of a Russian attack.

However, there has been no official confirmation of who the prime suspects are in the case.