NHS cyber attack data taken from Synnovis system, provider confirms
Synnovis, which provides services to NHS trusts and GP services, primarily in south-east London, was the victim of a cyber attack on June 3.
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.Data from a ransomware attack on NHS provider Synnovis has been confirmed as having come from the service, NHS England has said.
Synnovis, which manages blood tests for NHS trusts and GP services, primarily in south-east London, was the victim of a cyber attack – understood to have been carried out by Russian group Qilin – on June 3.
NHS England said the data was then published online by the group on Friday.
Hundreds of operations and appointments have been cancelled in the weeks since the incident.
In a statement on Monday, NHS England said there was “no evidence” the cyber criminals had published an entire database, but that it could take “some weeks” to learn which people were impacted by the attack.
It said: “NHS England continues to work with Synnovis and the National Crime Agency to respond to the criminal ransomware attack on Synnovis systems.
“Synnovis has now confirmed through an initial analysis that the data published by a cyber crime group has been stolen from some of their systems.
“We understand people may be concerned by this, and Synnovis are working at pace to carry out the further analysis required to understand the full scale and nature of the data released and patients impacted.
“At present, Synnovis has confirmed there is no evidence the cyber criminals have published a copy of the database (Laboratory Information Management System) where patient test requests and results are stored, although their investigations are ongoing.”
According to the BBC, Qilin shared almost 400GB of data – including patient names, dates of birth, NHS numbers and descriptions of blood tests – on their darknet site and Telegram channel.
Spreadsheets containing financial arrangements between hospitals and GP services and Synnovis were also published, the BBC reported.
NHS England said: “Investigations of this type are complex and can take time. Given the complexity of the investigation it may be some weeks before it is clear which individuals have been impacted.”
It added that local health systems will work together with additional resources to reduce impact on patients and process urgent blood samples.
Between June 10 and 16, the second week after the attack, more than 320 planned operations and 1,294 outpatient appointments were postponed at King’s College Hospital NHS Foundation Trust and Guy’s and St Thomas’ NHS Foundation Trust.
The number of rearranged planned operations had gone down by 494 since the first week after the attack, June 3-9, but the number of missed outpatient appointments had increased by 394.
The total as of June 20 was 1,134 planned operations and 2,194 outpatient appointments postponed, according to NHS England.
Patients have been told to continue attending appointments unless told otherwise while urgent care is available as usual.
Subscribe to Independent Premium to bookmark this article
Want to bookmark your favourite articles and stories to read or reference later? Start your Independent Premium subscription today.