Nearly 200 patients harmed in major cyber attack

The NHS has confirmed nearly 200 patients were harmed as a result of a major cyber attack last year.

One year on from the ransomware attack that shut down the IT systems used by south east London’s pathology provider Synnovis, managers confirmed nearly 600 incidents, of which 170 involved patient care suffering.

This includes one case of “severe” harm, which has prompted a patient safety incident investigation at King’s College Hospital Foundation Trust, 14 examples that were classed as “moderate”, and another 155 defined as “low harm”.

The attack in June 2024 left GPs across six boroughs unable to order blood tests, and more than 1,000 inpatient procedures were cancelled at two large hospital trusts.

The attack meant the pathology IT systems depended on by two of England’s biggest provider trusts – Guy’s and St Thomas’ and King’s College Hospital foundation trusts – and 192 GP practices were largely inoperable. Large quantities of tests in primary care were deferred or cancelled; and those carried out had to be sent to the pathology networks in north central and south west London.

The hospitals were unable to carry out some procedures involving blood transfusion, including surgery, with many diverted to other providers. Some cancer treatments were also delayed or diverted, as well as some transplants and specialist maternity work.

Read full story (paywalled)

Source: HSJ, 18 June 2025