IT systems in Medway disconnected due to ‘suspicious activity’

Medway Community Healthcare (MCH) has announced that it has disconnected its IT systems to “protect patient and staff data” after detecting some “suspicious activity”.

In a statement on its website, published on 5 December 2024, the trust confirmed the decision and reason for disconnecting its systems, following the incident three day earlier.

The latest statement says: “Earlier this week we told you that we detected some suspicious activity relating to our IT systems.

“As a precaution, we therefore disconnected out systems to protect patient and staff data.”

It adds that an” investigation is ongoing” and that patients requiring blood tests will need to bring paper forms.

“If you do not have a paper form, we cannot proceed with your blood test. Unless you are told otherwise, booked appointments are still going ahead as planned.

“Our staff are working hard to continue to provide services during this time. Please bear with us, and be patient,” the statement says.

The incident was first announced on the trust’s website and on X on 2 December 2024:

As part of our routine monitoring we have detected some suspicious activity relating to our IT systems. As a precaution, to protect staff and patient data, we have disconnected our systems while we investigate further. We are working to get systems working as quickly as possible. pic.twitter.com/n9hO2bi4rZ

— Medway Community Healthcare (@MedwayHealth) December 2, 2024

The incident follows a cyber attack at Alder Hey Children’s NHS Foundation Trust on 28 November 2024, which also impacted Liverpool Heart and Chest Hospital and Royal Liverpool University Hospital and a cyber incident at Wirral University Teaching Hospital NHS Foundation Trust, on 25 November 2024.

Meanwhile,  Richard Horne, the new head of the National Cyber Security Centre (NCSC) called for the need for sustained vigilance.

In a speech on 3 December 2024, Horne said: “What has struck me more forcefully than anything else since taking the helm at the NCSC is the clearly widening gap between the exposure and threat we face, and the defences that are in place to protect us.

“And what is equally clear to me is that we all need to increase the pace we are working at to keep ahead of our adversaries.”

Horne highlighted the impact of cyber attacks, referencing the ransomware attack on pathology provider Synnovis in June 2024.

“In the past year, we have seen crippling attacks against institutions that have brought home the true price tag of cyber incidents.

“The attack against Synnovis showed us how dependent we are on technology for accessing our health services,” Horne said.

An updated cyber resilience framework for health and social care organisations was announced by the National Data Guardian and NHS England in September 2024.

The change to how organisations measure and self-report their data security capabilities is part of the Department of Health and Social Care’s ‘Cyber security strategy for health and social care: 2023 to 2030’, which aims to align health and care with cyber resilience standards across other sectors.