Ransomware Attack Continues to Disrupt Healthcare in London Nearly Two Years Later

The June 2024 ransomware intrusion, attributed to the Qilin group, targeted Synnovis, the laboratory services provider for several South East London hospitals. By encrypting critical blood‑testing platforms, the attack halted routine pathology, forced the cancellation of over 10,000 outpatient appointments, and left blood banks in a precarious state. While most trusts have rebuilt their IT infrastructure, the incident exposed how supply‑chain dependencies can amplify a single breach into a regional health crisis, prompting regulators to scrutinize third‑party security practices.

At South London and Maudsley NHS Foundation Trust, the repercussions are still palpable. With electronic request and reporting systems offline, clinicians depend on phone calls, paper copies, and manual uploads—a process that has delayed more than 161,000 pathology reports and triggered 122 recorded safety incidents. The trust’s internal data also notes a patient death where a delayed blood result was a contributing factor, illustrating how cyber‑induced latency can translate into clinical harm. Staff report heightened risk of transcription errors and patient misidentification, underscoring the human cost of prolonged digital outages.

The broader lesson for the NHS is clear: cyber resilience must move from a technical checkbox to an operational imperative. The Health Services Safety Investigations Body (HSSIB) is now examining how well hospitals revert to manual workflows, while the Department of Health and Social Care tracks cyber‑related incidents as a growing threat category. Investment in robust backup systems, regular incident‑response drills, and tighter oversight of third‑party vendors are essential to prevent future disruptions from eroding patient trust and safety.