Pierluigi Paganini
June 04, 2024
A ransomware attack on pathology and diagnostic services provider Synnovis has severely impacted the operations at several major NHS hospitals in London. The attack forced the impacted hospitals to cancel some healthcare procedures, in some cases patients were redirected to other hospitals.
Synnovis is a pathology partnership between Guy’s and St Thomas’ NHS Foundation Trust and King’s College Hospitals NHS Trust, and SYNLAB, Europe’s largest provider of medical testing and diagnostics.
In a post published on its website, Synnovis disclosed it was the victim of a ransomware attack.
“On Monday 3 June, Synnovis – a partnership between two London-based hospital Trusts and SYNLAB – was the victim of a ransomware cyberattack. This has affected all Synnovis IT systems, resulting in interruptions to many of our pathology services.” reads the statement published by the company. “Regrettably this is affecting patients, with some activity already cancelled or redirected to other providers as urgent work is prioritised.”
The pathology and diagnostic services provider has launched an investigation into the security breach with the help of experts from the NHS. The experts are working to fully assess the impact of the attack and to take the appropriate action to contain the incident. The company also announced they are working closely with NHS Trust partners to minimise the impact on patients and other service users.
🚨 NEW: Operations across 2 major London hospitals @GSTTnhs & @KingsCollegeNHS have been cancelled due to a cyber attack, with all transplant surgery at @RBandH axed. Problem is affecting pathology labs incl blood transfusions. Trauma cases at Kings being sent to other sites: pic.twitter.com/zmtsq6c0zL
— Shaun Lintern (@ShaunLintern) June 4, 2024
Below is the message sent by Professor Ian Abbs, Chief Executive Officer Guy’s and St Thomas’ NHS Foundation Trust:Dear Colleague
"I am writing to update you about the ongoing critical incident that is currently affecting our pathology services. I can confirm that our pathology partner Synnovis experienced a major IT incident earlier
today, which is ongoing and means that we are not currently connected to the Synnovis IT
servers. This incident is also affecting King’s College Hospital NHS Foundation Trust and primary care across south east London.
This is having a major impact on the delivery of our services, with blood transfusions being particularly affected. Some activity has already been cancelled or redirected to other providers at short notice as we prioritise the clinical work that we are able to safely carry out.
I recognise how upsetting this is for patients and families whose care has been affected, and how difficult and frustrating this is for you all. I am very sorry for the disruption this is causing. An incident response structure has been stood up, with colleagues from across the Trust meeting regularly to assess the situation and put contingency plans into place. All clinical groups are represented on this, so please do direct any clinical or operational questions to your clinical group or directorate leadership as your clinical group or directorate leadership as appropriate. While we do not yet know all the details or how long this issue will take to resolve we will keep you updated through the usual routes, including through the clinical alert system."
The NHS London published a statement on Synnovis ransomware attack confirming that the incident is having a significant impact on the delivery of services at Guy’s and St Thomas’, King’s College Hospital NHS Foundation Trusts and primary care services in south east London.
“On Monday 3 June Synnovis, a provider of lab services, was the victim of a ransomware cyber attack. This is having a significant impact on the delivery of services at Guy’s and St Thomas’, King’s College Hospital NHS Foundation Trusts and primary care services in south east London and we apologise for the inconvenience this is causing to patients and their families.” reads the statement.
“Emergency care continues to be available, so patients should access services in the normal way by dialling 999 in an emergency and otherwise using 111, and patients should continue to attend appointments unless they are told otherwise. We will continue to provide updates for local patients and the public about the impact on services and how they can continue to get the care they need.”
At this time, the company has yet to provide details on the attack, such as the malware family that infected its systems and if it has suffered a data breach.
In April, Synlab Italia, the Italian branch of the SYNLAB group, experienced disruptions due to a Blackbasta cyber attack. The company suspended all activities at sampling points, medical centers, and laboratories in Italy.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, ransomware)
