The NHS has said that the number of acute outpatient appointments postponed at two major London hospital trusts has reached 10,001, more than two months after a cyberattack affected pathology services.
A further 1,680 elective procedures were also postponed at King’s College Hospital NHS Foundation Trust and Guy’s and St. Thomas’ NHS Foundation Trust, NHS England said in a statement on Thursday.
Since the incident, other pathology services have been aiding affected hospitals to ensure critical blood test work is done.
The service impact remains, but the NHS said that more than 60 core IT systems used in laboratories have been or are in the process of being entirely rebuilt.
The health service added that testing has started to bring pathology services used by primary and community care services in south east London, including GP practices, back to Synnovis, and that full restoration of blood transfusion services remains planned for early autumn.
Other trusts continue to be affected, including South London and Maudsley NHS Foundation Trust which remains in a critical incident.
Stolen Data Published Online
A ransomware attack is a kind of malware that prevents users from accessing data, with the hackers threatening to keep users locked out permanently or share the data publicly unless a ransom is paid.On June 24, the NHS confirmed that data published online by a cybercriminal group had been stolen from some of Synnovis’s systems following the malware attack.
The NHS says on its dedicated cyber incident page that the format in which the stolen data had been published is a partial copy from the administrative working drive.
“The main database where patient test requests and results are stored is separate, and is called the Laboratory Information Management System. At present, Synnovis has confirmed there is no evidence the cyber criminals have published a copy of this database, although their investigations are ongoing,” the NHS said.
NHS Impacted by Global Tech Outages
The NHS found its systems further impacted when a global IT outage hit on July 19 and caused disruption to the majority of GP services.The outages were triggered by a defect in a content update for Windows hosts from the cybersecurity firm CrowdStrike.
The issue caused many services to go offline globally, leaving devices displaying a “blue screen of death”—which indicates a critical error led to a system crash—instead of rebooting and functioning normally.
Even after CrowdStrike issued a fix, delays with GP services was felt for days after as it faced a considerable backlog of workload.
Pharmacies experienced a knock-on effect as they have to recover from increased demand when practice services returned to normal.
The outage, which CrowdStrike confirmed was not related to a security breach, affected a range of businesses and service providers, including banks, airports, and media outlets.
While Windows estimated that the CrowdStrike incident affected less than 1 percent of all Windows machines, the economic and societal impacts were widespread, because many enterprises which operate critical services use CrowdStrike.
