Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

Major cyberattack sees NHS London hospitals declare critical incident with operations cancelled

Procedures have been cancelled at Guy’s, St Thomas’ and King’s College hospitals after a ransomware attack

Rebecca Thomas
Health Correspondent
,Amy-Clare Martin,Kate Devlin
Tuesday 04 June 2024 14:54 EDT
Comments
Guy’s and St Thomas’ NHS Foundation Trust is one of two London trusts affected by the cyberattack
Guy’s and St Thomas’ NHS Foundation Trust is one of two London trusts affected by the cyberattack (PA Archive)

Your support helps us to tell the story

This election is still a dead heat, according to most polls. In a fight with such wafer-thin margins, we need reporters on the ground talking to the people Trump and Harris are courting. Your support allows us to keep sending journalists to the story.

The Independent is trusted by 27 million Americans from across the entire political spectrum every month. Unlike many other quality news outlets, we choose not to lock you out of our reporting and analysis with paywalls. But quality journalism must still be paid for.

Help us keep bring these critical stories to light. Your support makes all the difference.

Two London hospital trusts have been forced to cancel all non-emergency operations and blood tests following a “major” cyberattack.

Pathology systems at King’s College Hospital NHS Foundation Trust and Guy’s and St Thomas’ NHS Foundation Trust, as well as GP services across South London, have been hit by a ransomware attack, according to emails seen by The Independent.

Synnovis, the company that supplies blood tests, swabs, bowel tests and other services for hospitals serving NHS patients across six London boroughs, warned the two NHS trusts on Monday that it had been hit by a major malware attack, the consequences of which have affected tens of thousands of patients, according to sources close to the hospitals.

The supplier covers Guy’s Hospital, which runs the Evelina London Children’s Hospital, as well as Harefield Hospital, King’s College Hospital, Princess Royal University Hospital, Royal Brompton Hospital and St Thomas’ Hospital.

In a second email on Tuesday, seen by The Independent, it confirmed it had been hit by a ransomware attack.

GPs have been told to cancel all non-emergency pathology appointments, while hospital staff have been told to request emergency blood samples only from patients who require transfusions.

The National Cyber Security Centre is now involved, while NHS England has declared a level three incident – the second-highest alert level.

In a message to staff on Monday, Guy’s and St Thomas’ said: “Synnovis, the pathology provider for both King’s and Guy’s and St Thomas’, informed us of a major incident with ICT systems.”

A senior NHS source told The Independent that transplants have been affected as patients’ blood tests cannot be cross-checked, and that healthcare leaders in London have been warned that the incident could take “weeks or months” to resolve.

In a separate message, Synnovis said there would be delays for patients receiving results, and GPs have been asked to cancel all non-urgent blood test appointments.

“Given the nature and magnitude of this attack, this is an evolving situation,” it said.

The emails say it is unclear how long the issue will last.

In the second email, Synnovis told staff: “This is a harsh reminder that this sort of attack can happen to anyone at any time and that, dispiritingly, the individuals behind it have no scruples about who their actions affect.

“This incident is being reported to law enforcement and the Information Commissioner, and we are working with the National Cyber Security Centre and the Cyber Operations team.”

The National Cyber Security Centre and the National Crime Agency have been contacted for comment.

A government spokesperson said: “The Department of Health and Social Care, NHS England and the National Cyber Security Centre are working together to investigate a cyber incident affecting a number of NHS organisations in southeast London.

“Patient safety is our priority and support is being offered to the impacted organisations.”

A spokesperson for NHS England’s London region said: “On Monday 3 June, Synnovis, a provider of lab services, was the victim of a ransomware cyberattack.

“This is having a significant impact on the delivery of services at Guy’s and St Thomas’, King’s College Hospital NHS Foundation Trust, and primary care services in southeast London, and we apologise for the inconvenience this is causing to patients and their families.

“We are working urgently to fully understand the impact of the incident with the support of the government’s National Cyber Security Centre and our Cyber Operations team.”

The spokesperson said that emergency care continues to be available, so patients should access services in the normal way.

This story was updated with a response from NHS England and the government, and at 16.14 following new information received by The Independent regarding the nature of the cyberattack

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in