BlogNews14TH JUN 2024
AuthorSamir Yawar
4 min read
News

Synnovis Ransomware Attack Disrupts Multiple London Hospitals: NHS

Twitter
Facebook
WhatsApp
Email
LinkedIn
Feature image for Synnovis ransomware attack post
BlogNews14TH JUN 2024
4 min read
News

Synnovis Ransomware Attack Disrupts Multiple London Hospitals: NHS

AuthorSamir Yawar
Twitter
Facebook
WhatsApp
Email
LinkedIn
Feature image for Synnovis ransomware attack post

NHS England announced today that a ransomware attack on Synnovis has severely impacted multiple London hospitals, leading to the cancellation of hundreds of planned operations and appointments. 

Synnovis, formerly known as Viapath, was established in 2009 as GSTS Pathology and rebranded in October 2022. The organization operates as a partnership between SYNLAB UK & Ireland, Guy's and St Thomas' NHS Foundation Trust, and King's College Hospital NHS Foundation Trust. 

The Synnovis ransomware attack, attributed to the Qilin operation, has locked the hospital services provider out of its systems, leading to an "ongoing critical incident."

Synnovis ransomware attack details

The Synnovis ransomware attack, which occurred on June 3, has caused significant disruptions in medical services at:

  • Guy's and St Thomas' NHS Foundation Trust

  • King's College Hospital NHS Foundation Trust

  • Primary care providers across South East London

Synnovis ransomware attack image


According to internal memos from hospital officials, the incident has had a "major impact" on procedures and operations, including blood transfusions and blood testing. Despite this, NHS representatives have assured that emergency services such as A&E, urgent care centers, and maternity departments remain operational. However, some procedures dependent on pathology services have been suspended.

On Friday, NHS London revealed the extensive nature of the ransomware attack, noting that it could take months for Synnovis to fully restore its systems. "Data for the first week after the attack (3-9 June) indicates that more than 800 planned operations and 700 outpatient appointments at the two most affected trusts had to be rearranged," NHS officials stated.

When are Synnovis systems expected to be restored?

Synnovis is actively working on the technical recovery of its systems, with plans to restore some functionality in the coming weeks. However, full restoration will take time, and disruptions from the cyber incident are expected to continue for several months.

In addition, NHS Blood and Transplant (NHSBT) issued a warning on Monday about blood shortages in London hospitals, particularly for O-positive and O-negative blood. These blood types are crucial for urgent operations and procedures where patients cannot afford delays.

"We fully recognize the distress that any delays in care can cause for our patients and their families, and we are very sorry for this," said Professor Ian Abbs, Chief Executive of Guy's and St Thomas' NHS Foundation Trust, and Professor Clive Kay, Chief Executive of King's College Hospital NHS Foundation Trust in a joint statement. They urged patients to attend their appointments as scheduled unless contacted otherwise.

While the Qilin ransomware group’s dark web leak site briefly went offline after the attack, it has since resumed operations. The group has not yet claimed responsibility for the Synnovis breach. The Qilin operation, which rebranded from "Agenda" in August 2022, has been linked to over 130 victims since its emergence. Known for double-extortion tactics, the alleged Russian cybercrime group pressures companies by stealing data before encrypting systems and demanding ransoms ranging from $25,000 to millions of dollars.

The NHS continues to monitor the situation closely as recovery efforts progress.

Recommendations in light of Synnovis cybersecurity incident

Ransomware attacks usually involve clicking on an insecure link that is part of an elaborate social engineering technique. It is recommended that employees working in the healthcare industry go through cybersecurity awareness training to learn behaviors and best practices against cyber attacks in the future.

Samir Yawar
Samir Yawar / Content Lead
Samir wants a world where people can instinctively whack online scams and feel accomplished without the need for psychic powers. As an ISC2 member, he is doing his bit to turn cybersecurity awareness training into a fun concept with simple, approachable and accessible content. Reach out to him at X @yawarsamir
FAQsFrequently Asked Questions
Genetic data holds immense value for various reasons, including personalized healthcare insights and ancestral exploration. Hackers target platforms like 23andMe to exploit this sensitive information for illicit gains, such as identity theft, fraud, or even selling the data on the dark web. As the demand for genetic testing services rises, safeguarding this data becomes crucial. Genetic testing providers implement robust security measures, but breaches can occur due to evolving cyber threats. It underscores the need for continuous advancements in cybersecurity to protect the privacy and confidentiality of individuals' genetic information.