A ransomware attack that crippled a London-based medical testing and diagnostics provider has led several major hospitals in the city to declare a critical incident emergency and cancel non-emergency surgeries and pathology appointments, it was widely reported Tuesday.
The attack was detected Monday against Synnovis, a supplier of blood tests, swabs, bowel tests, and other hospital services in six London boroughs. The company said it has “affected all Synnovis IT systems, resulting in interruptions to many of our pathology services.” The company gave no estimate of when its systems would be restored and provided no details about the attack or who was behind it.
Major impact
The outage has led hospitals, including Guy’s and St Thomas’ and King’s College Hospital Trusts, to cancel operations and procedures involving blood transfusions. The cancellations include transplant surgeries, which require blood transfusions.
“I can confirm that our pathology partner Synnovis experienced a major IT incident earlier today, which is ongoing and means that we are not currently connected to the Synnovis IT servers,” Ian Abbs, CEO of the hospital network Guy’s and St Thomas’ NHS Foundation Trust, wrote in an email posted to social media. “This is having a major impact on the delivery of our services, with blood transfusions being particularly affected. Some activity has already been canceled or redirected to other providers at short notice as we prioritize the clinical work that we are able to safely carry out.”
Royal Brompton and Harefield hospitals, the largest specialized heart and lung centers in the UK, said they are affected. Primary care across southeast London is also impacted. The disruption may also hamper trauma cases since urgent blood components will be transfused only when it is “critically indicated for the patient,” according to a memo circulated to hospital staff.
A government spokesperson said: “The Department of Health and Social Care, NHS England, and the National Cyber Security Centre are working together to investigate a cyber incident affecting a number of NHS organizations in South East London. Patient safety is our priority and support is being offered to the impacted organizations.”
The London hospitals are the latest in a long line of health care facilities to be hamstrung by a ransomware attack. Such attacks routinely cause Emergency Rooms to divert patients to other facilities, often resulting in delays in patients receiving lifesaving care. In 2020, a patient in Germany died after being rerouted to a hospital about 20 miles away, resulting in about a one-hour delay in treatment.
Emergency care continues to be available in London, and health care professionals see patients for scheduled appointments in most cases.
Last year, the number of ransomware attacks targeting health care providers almost doubled, according to the US Director of National Intelligence, with 214 worldwide in 2022 and 389 in 2023. In the US, the number rose from 113 in 2022 to 258 last year. Security firm Emsisoft said attacks against US hospitals numbered 27 in 2021, 25 in 2022, and 46 in 2023.
Few details are known about the latest ransomware attack. There are no known reports of ransomware groups taking credit, and researchers have yet to provide any intelligence. Synnovis said it has reported the incident to law enforcement and the Information Commissioner and is working with the UK’s National Cyber Security Centre and the Cyber Operations Team.