Amidst a cyberattack targeting pathology supplier Synnovis in June 2024, NHS England confirmed the postponement of over 6,000 operations and appointments at London hospitals.Amidst a cyberattack targeting pathology supplier Synnovis in June 2024, NHS England confirmed the postponement of over 6,000 operations and appointments at London hospitals. King’s College Hospital NHS Foundation Trust and Guy’s and St Thomas’ NHS Foundation Trust were severely affected, with 4,913 acute outpatient appointments and 1,391 elective procedures delayed. Data for the fourth week of reporting indicated that 1,517 acute outpatient appointments and 136 elective procedures were postponed at the two hospitals due to the ransomware attack. NHS London Medical Director Dr. Chris Streather emphasized the progress made but stressed the ongoing efforts to restore services. He acknowledged the added pressure from ongoing strikes, which have further strained hospital staff. While the British Medical Association arranged for limited assistance from junior doctors during the strike period, the Department of Health and Social Care clarified that it was not feasible to immediately reschedule all canceled operating lists. Pathology services in south-east London have gradually increased to 54% of normal capacity, with Synnovis attributing the disruption to a significant impact on IT systems. The investigation into the attack continues, with Synnovis collaborating with the NHS and cybersecurity experts. Initial analysis by cybercriminals suggests that stolen data may include personal information like names and NHS numbers.
NHS England has confirmed that more than 6,000 operations and appointments have been postponed at London hospitals affected by the cyberattack on Synnovis.
In an update published on 4 July 2024, NHSE reported that 4,913 acute outpatient appointments and 1,391 elective procedures have been postponed at King’s College Hospital NHS Foundation Trust and Guy’s and St Thomas’ NHS Foundation Trust since the incident on 3 June.
Data for the fourth week of reporting (June 24-30) shows that 1,517 acute outpatient appointments and 136 elective procedures had to be postponed at the two worst-affected hospitals due to the ransomware attack on pathology supplier Synnovis.
Dr Chris Streather, medical director of NHS London, said: “While we are seeing significant progress, with most services operating close to normal, we continue to work tirelessly with our colleagues across London to ensure all services are fully operational again as soon as possible.”
He added that the affected hospitals were “facing the added pressure of the strikes, which placed additional demands on staff”.
According to the British Medical Association, arrangements have been made with NHSE to allow a limited number of junior doctors to work in locations worst affected by the cyber attack during the strikes, which took place between June 27 and July 2.
However, a Department of Health and Social Care spokesperson said Digital Health News that it was “unfortunately not possible” to immediately reschedule all operating lists that had been cancelled due to the planned strike.
Pathology services in south-east London have increased to around 54% of normal capacity, compared to 45% in the week 17-23 June.
A statement from Synnovis, published on July 1, said: “Virtually all of Synnovis’ IT systems have been affected by this criminal attack, impacting everything from the ability of our analyzers to identify and process incoming samples to the actual dispatch of test results.
“Many of these processes had to be reduced to paper and manual protocols instead of electronic, which has significantly impacted capacity and delivery times.”
It added that the phased approach to restoring the technical infrastructure “included the provision of new middleware (software that simplifies the reporting and transmission of results from our laboratory information management systems) at Guy’s Hospital as well as St Thomas’ Hospital and King’s College Hospital, increasing our processing capacity at each hospital”.
Initial analysis of data published online by cybercriminals shows the information could include personal details such as names, NHS numbers and test codes, Synnovis said.
The investigation into the attack continues, with an IT taskforce from Synnovis and cyber specialists appointed by the NHS working closely with the National Cyber Security Centre and the NHSE cyber operations team.
