The NHS has set up helpline number to answer queries and concerns about patient data as Synnovis cyber attack causes major disruption across southeast London
On June 3, Synnovis, a pathology laboratory serving several NHS organisations in South East London, was targeted by a ransomware attack.
This cyber incident has disrupted vital blood testing services, crucial for a range of medical treatments, and raised significant concerns over data security.
NHS England confirmed that a cybercriminal group, Qilin, published data online, claiming it was stolen from Synnovis.
The National Crime Agency (NCA) and the National Cyber Security Centre (NCSC) are currently working to authenticate the data and understand its contents.
A helpline has been established to address patient concerns, and NHS England urges patients to attend their appointments unless otherwise directed.
The attack has rendered some of the NHS’s blood testing systems inoperable, causing substantial disruption to medical services in South East London.
In a statement, the NHS said: "Unprocessed samples were made safe by Synnovis and stored in their labs.
"However, due to the time that has now lapsed, some of these samples are no longer suitable for analysis and will need to be discarded."
Synnovis is working with the NHS Trusts and GP practices to determine which samples are affected and the process for informing patients.
While urgent and emergency services remain functional, including A&E and maternity departments, there may be delays in blood testing services.
Over 3,000 hospital and GP appointments have been affected.
According to a BBC report, the cybercriminal gang published nearly 400GB of sensitive data on the darknet.
This includes patient names, dates of birth, NHS numbers, and descriptions of blood tests.
Ciaran Martin, a cyber security expert and former head of the NCSC, described this attack as “one of the most significant and harmful cyber attacks ever in the UK.”
He told the BBC, “Cybercriminals go where the money is, and unfortunately, the money is in attacking the healthcare sector,” referencing a reported $22 million ransom paid by United Health Group earlier this year.
Previosuly, Qilin claimed they targeted Synnovis to punish the UK for not assisting in a conflict.
Martin dismissed this as "absolute garbage," emphasising that their motives were "entirely financial."
The gang, thought to be based in Russia, stated they could not disclose their exact location for security reasons.
Additionally, they have stolen data from other healthcare organisations, schools, companies, and councils globally.
NHS England’s Response
NHS England continues to collaborate with Synnovis, law enforcement, and cyber security experts to investigate the breach.
They advise individuals to remain vigilant against phishing scams and report suspicious activity to Action Fraud or the phishing reporting service.
NHSE assured patients that any updates regarding the data breach and its impact will be promptly shared on their website.
Patients are encouraged to continue using NHS services as normal, though there may be some rescheduling of tests and appointments.
The NHS will keep the public informed as more details emerge from the ongoing investigation.
Call for action: For further information, patients are advised to contact the incident helpline at 0345 8778967.
