Ransomware disruptions contributed to a patient death, NHS finds

• A ransomware attack targeted a healthcare organisation in the UK
• The disruptions to patient care tragically contributed to a patient death
• Criminals target critical services as they are likely to pay the ransom

Ransomware attacks are devastating for victims, but this has now reached a new and tragic level, with the UK’s National Health Service (NHS) confirming that an attack on London hospitals in 2024 that forced ambulances to be diverted and disrupted blood testing has contributed to a patient's death.

This attack targeted Synnovis, a London-based pathology service, and cybercriminal group Qilin caused severe disruptions to the blood-testing services, and the delay in a blood test was a ‘contributing factor’ to the death of a patient.

Around 800 operations and 700 outpatient appointments were cancelled or rescheduled due to the attack, and personal information such as names, dates of birth, NHS numbers, and even blood test data is suspected to have been compromised and published in the incident.

Tragic consequences

Cybercriminals target critical infrastructure such as hospitals because they are likely to pay ransoms in order to get services up and running with minimal disruptions in order to protect patients, but this, of course, requires a level of disruption no matter what.

“One patient sadly died unexpectedly during the cyber-attack,” confirmed the King’s College Hospital NHS Foundation Trust.

“As is standard practice when this happens, we undertook a detailed review of their care. The patient safety incident investigation identified a number of contributing factors that led to the patient’s death. This included a long wait for a blood test result due to the cyber-attack impacting pathology services at the time. We have met with the patient’s family, and shared the findings of the safety investigation with them.”

It’s said that Qilin, the ransomware gang, demanded $50 million from Synnovis in return for the stolen data, but reports suggest that Synnovis either refused or failed to pay the ransom, and the data was then published online.

This is in line with the Government’s ransomware payment ban for public organizations, which aims to dissuade ransomware gangs from targeting public services.

Via The Record

You might also like

• Take a look at our picks for the best malware removal software around
• Check out our choice for the best antivirus tools on offer
• Russia-linked Qilin group says it was responsible for London hospitals cyberattack