A cyber attack involving ransomware on Synnovis had a significant impact on multiple medical facilities in London
June 04, 2024
The provider of pathology and diagnostic services, Synnovis, faced a severe cyber attack with ransomware, greatly affecting the functions of numerous hospitals in London.
An incident of ransomware cyber attack targeting the provider of pathology and diagnostic services, Synnovis, seriously impacted the operations of multiple large NHS hospitals in London. This situation led to the cancellation of certain medical procedures in the affected hospitals, resulting in redirection of patients to other medical facilities in some cases.
Synnovis is a partnership in pathology services between Guy’s and St Thomas’ NHS Foundation Trust, King’s College Hospitals NHS Trust, and SYNLAB – the largest medical testing and diagnostics provider in Europe.
A statement published on the company’s website announced that Synnovis was subjected to a ransomware cyber attack on Monday 3 June. The attack impacted all IT systems at Synnovis, causing disruptions in many of their pathology services.
According to the statement released by the company, “Unfortunately, this event is affecting patients, with some procedures already canceled or redirected to other service providers as urgent matters are given priority.”
The provider of pathology and diagnostic services has initiated an investigation into the security breach with the assistance of experts from the NHS. These experts are actively working to assess the full impact of the attack and implement necessary actions to contain the incident. Synnovis also stated they are collaborating closely with NHS Trust partners to mitigate the repercussions on patients and other service beneficiaries.
Below is an update from Professor Ian Abbs, Chief Executive Officer of Guy’s and St Thomas’ NHS Foundation Trust:
"I am providing you with an update about the ongoing critical incident affecting our pathology services. Synnovis, our pathology partner, experienced a major IT incident earlier today, which is ongoing, disconnecting us from the Synnovis IT servers. This incident is affecting King’s College Hospital NHS Foundation Trust and primary care services in south east London. The impact on our operations is substantial, especially affecting blood transfusions. Some activities have been canceled or redirected to other providers on short notice as we prioritize the clinical procedures we can safely manage. We understand the distress caused to patients and their families due to this situation and we sympathize with the difficulties and inconvenience faced by everyone involved. An incident response mechanism has been activated, with representatives from various departments meeting regularly to evaluate the situation and establish contingency plans. All clinical groups are part of this team, so please refer any clinical or operational inquiries to your respective clinical group or directorate leadership. While we await further details and the resolution time frame, we will continue to keep you informed through our standard channels, including the clinical alert system."
NHS London released a statement concerning the ransomware attack on Synnovis, confirming a significant disruption in service delivery at Guy’s and St Thomas’, King’s College Hospital NHS Foundation Trusts, and primary care facilities in south east London.
“Synnovis, a lab services provider, fell victim to a ransomware cyber attack on Monday 3 June. This has had a significant impact on service delivery at Guy’s and St Thomas’, King’s College Hospital NHS Foundation Trusts, and primary care services in south east London. We express regret for the inconvenience caused to patients and their families.” states the announcement.
“Emergency services remain operational, patients should seek services as usual by dialing 999 in emergencies or using 111 for non-emergencies. Patients should attend appointments unless instructed otherwise. We will ensure ongoing updates for local patients and the public regarding service disruptions and guide them on obtaining required care.”
The company is currently abstaining from providing specifics about the attack, such as the specific malware involved and whether a data breach occurred.
In April, Synlab Italia, the Italian arm of SYNLAB, encountered disruptions due to a Blackbasta cyber attack. All activities at sampling centers, medical facilities, and laboratories in Italy were suspended by the company.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, ransomware)
About Author
