Synnovis CEO confirms ransomware attack at London hospitals
- 5 June 2024
Mark Dollar, chief executive at Synnovis, has confirmed that a ransomware attack has interrupted all the pathology service provider’s IT systems, causing patient activity to be cancelled or redirected.
Synnovis is a pathology partnership between Guy’s and St Thomas’ NHS Foundation Trust, King’s College Hospitals NHS Foundation Trust, and SYNLAB, Europe’s largest provider of medical testing and diagnostics.
News of the attack emerged on 3 June 2024, when Professor Ian Abbs, chief executive at Guy’s and St Thomas’ NHS Foundation Trust wrote to staff, warning that a critical incident was having “a major impact” on the delivery of services, with blood transfusions being particularly affected.
On 4 June 2024, Dollar issued a statement confirming that a ransomware attack the previous day had “affected all Synnovis IT systems, resulting in interruptions to many of our pathology services”.
The immediate impact is on patients using NHS services at Guy’s and St Thomas’ NHS FT, and King’s College Hospitals NHS FT, as well as GP services across Bexley, Greenwich, Lewisham, Bromley, Southwark and Lambeth boroughs, the statement said.
Dollar added that the event had affected patient care with “some activity already cancelled or redirected to other providers as urgent work is prioritised”.
“It is still early days and we are trying to understand exactly what has happened. A taskforce of IT experts from Synnovis and the NHS is working to fully assess the impact this has had, and to take the appropriate action needed.
“We take cybersecurity very seriously at Synnovis and have invested heavily in ensuring our IT arrangements are as safe as they possibly can be.
“This is a harsh reminder that this sort of attack can happen to anyone at any time and that, dispiritingly, the individuals behind it have no scruples about who their actions might affect,” Dollar added.
Digital Health News understands that Guy’s and St Thomas’ NHS FT issued a further announcement to staff on 4 June 2024, declaring a level three response to the cyber attack.
The announcement added that only 10% of the affected services were running as normal and it was predicted that it would take “a few weeks” to fully resume services.
A spokesperson for NHS England London region said in a statement that the cyber attack was “having a significant impact on the delivery of services at Guy’s and St Thomas’, King’s College Hospital NHS Foundation Trusts and primary care services in south east London”.
They added that emergency care is still available and patients should continue to attend appointments unless they are told otherwise.
“We are working urgently to fully understand the impact of the incident with the support of the government’s National Cyber Security Centre and our cyber operations team” they said.
SYNLAB Italia is also believed to have been affected by a cyber attack, with SC Media reporting in April 2024 that laboratories, medical centres, and sampling points had been disrupted.
6 Comments
There has been a request for Medica Students To do what?
Presumably Synnovis will work out how the ransomware was deployed. They then simply wipe the machines, restore from the backups, and fix the vulnerability before restoring services?
“We take cybersecurity very seriously at Synnovis …”
So will Synnovis be telling us how this occurred, and how it managed to take down the entire business? I doubt it… 🙁
This ransomware attack highlights the urgent need for strong cybersecurity in healthcare. The disruption to pathology services, especially blood transfusions, is very worrying and shows how vulnerable critical medical systems are. The quick action from Synnovis and NHS IT experts is commendable, but this event reminds us of the ongoing threats we face. Continuous investment in cybersecurity is essential to protect patient care and medical services.
Dare one say this is the risk when there is so much centralisation. So many users are affected by one strike. Imagine if this was a credit card company hacked.
The makers of the ransomware don’t care about people. I hope no one dies as a result.
Comments are closed.