Article Date: 05-June-2024
On June 3, 2024, a major cyber attack targeted Synnovis, a provider of lab services to large hospitals and GP surgeries in London leading to significant disruptions in hospital services across the city.
Synnovis—a partnership between two London-based hospital Trusts and SYNLAB—fell victim to a ransomware cyberattack. This incident has disrupted all of Synnovis’ IT systems, leading to interruptions in many of their pathology services.
The impact extends to patients using NHS services within the two partner hospitals, as well as GP services across Bexley, Greenwich, Lewisham, Bromley, Southwark, and Lambeth boroughs. Major hospitals affected by the cyber attack include King’s College Hospital, Guy’s and St Thomas’, Royal Brompton, Harefield, and others. These hospitals declared a critical incident following the attack.
The cyber attack had a major impact on the delivery of services, particularly affecting blood transfusions⁴⁵. Urgent operations were cancelled at three hospitals¹, and all non-emergency operations and blood tests were cancelled at two hospital trusts². Some procedures and operations were either cancelled or redirected to other NHS providers as hospital bosses continue to establish what work can be carried out safely⁴⁵. The cancellation of operations and other services has caused considerable inconvenience to patients and their families⁴⁵.
The situation is being closely monitored, and NHS officials are working with the National Cyber Security Centre to understand the impact of the ransomware cyber attack⁴⁵. Emergency care continues to be available, and patients are advised to access services in the normal way⁴. The incident was reported to law enforcement and the Information Commissioner⁴.
SYNNOVIS’ STATEMENT ON THE CYBERATTACK
Tuesday, 4 June, 2024
Mark Dollar, Synnovis CEO said:
"On Monday 3 June, Synnovis – a partnership between two London-based hospital Trusts and SYNLAB - was the victim of a ransomware cyberattack. This has affected all Synnovis IT systems, resulting in interruptions to many of our pathology services.It is still early days and we are trying to understand exactly what has happened.
A taskforce of IT experts from Synnovis and the NHS is working to fully assess the impact this has had, and to take the appropriate action needed. We are working closely with NHS Trust partners to minimise the impact on patients and other service users.
Regrettably this is affecting patients, with some activity already cancelled or redirected to other providers as urgent work is prioritised. We are incredibly sorry for the inconvenience and upset this is causing to patients, service users and anyone else affected. We are doing our best to minimise the impact and will stay in touch with local NHS services to keep people up to date with developments.
We take cybersecurity very seriously at Synnovis and have invested heavily in ensuring our IT arrangements are as safe as they possibly can be. This is a harsh reminder that this sort of attack can happen to anyone at any time and that, dispiritingly, the individuals behind it have no scruples about who their actions might affect.
The incident is being reported to law enforcement and the Information Commissioner, and we are working with the National Cyber Security Centre and the Cyber Operations Team.
We will share further updates as we know more, but regret that we are unable to respond to individual queries from the media at this time –
thank you for your understanding."
References
(1) Critical incident declared as ransomware attack affects ... - ITVX. https://www.itv.com/news/2024-06-04/cyber-attack-affects-blood-deliveries-at-hospitals-across-london.
(2) Critical incident declared as cyber attack affects major London hospitals. https://uk.news.yahoo.com/critical-incident-declared-cyber-attack-170138013.html.
(3) NHS 'critical incident' declared as five major hospitals hit by cyber .... https://www.express.co.uk/news/uk/1907148/NHS-cyber-attack-appoints-cancelled.
(4) Major cyber attack at NHS London hospitals in critical incident with operations cancelled. https://www.msn.com/en-gb/news/uknews/major-cyber-attack-at-nhs-london-hospitals-in-critical-incident-with-operations-cancelled/ar-BB1nBsut.
(5) Cyber Attack Impacts Hospital Linked to Princess Kate. https://www.msn.com/en-us/health/other/cyber-attack-impacts-hospital-linked-to-princess-kate/ar-BB1nCpCY.
If you are interested in finding out more about the IISF, or would like to attend one of our Chapter Meetings as an invited guest, please contact the
IISF Secretary:
By email:
secretary@iisf.ie
By post:
David Cahill
Information Security
GPO, 1-117
D01 F5P2
Enhance your Cybersecurity knowledge and learn from those at the coalface of information Security in Ireland
Invitations for Annual Sponsorship of IISF has now reopened.
Sponsors are featured prominently throughout the IISF.IE website, social media channels as well as enjoying other benefits Read more