A Ransomware Attack Forces a London Hospital to Seek Blood Donations from Staff
A London hospital has resorted to requesting blood donations from its clinical staff following a crippling cyberattack. Last week's breach has significantly disrupted hospital operations, including blood transfusions. King’s College Hospital recently issued an internal memo urging staff with blood type O to donate, in light of the severe shortages caused by the ransomware attack on Synnovis.
Widespread Impact on the Health System
NHS England has also made an urgent appeal to the public for blood donations, highlighting the broader ramifications of the cyberattack impacting medical facilities since June 4. The hack has compromised the operations of Synnovis, a key provider overseeing blood transfusions and testing. Consequently, hospitals have faced delays in medical procedures and have had to revert to manual record-keeping.
Julie Lowe, Deputy Chief Executive of King’s College Hospital NHS Foundation Trust, emphasized the urgency for type O blood donors to schedule appointments to mitigate the crisis. Type O blood is particularly valuable; O negative can be universally given, while O positive is the most common type. The frequency of patient blood matching has been severely affected by the attack, NHS Blood and Transplant confirmed in a statement.
Extended Disruptions and Operational Challenges
The hospital memo indicated that disruptions are anticipated to persist throughout the week, with some patients being redirected to other facilities. Planned surgeries and outpatient visits may also face cancellations. Lowe noted the uncertainty surrounding the restoration of Synnovis' systems, urging preparations for extended disruptions.
Synnovis, a partnership between Synlab UK & Ireland and several NHS Trusts, including King’s College Hospital, has been working with NHS England to reduce patient impact. However, the cyberattack has notably impaired labs servicing patients in southeast London, particularly those of Guy’s and St Thomas’ Hospital and King’s College Hospital.
Challenges for Primary Care Providers
The attack's effects have spilled over into primary care, limiting the capacity for blood sample testing. Local physician Azeem Majeed revealed that daily blood sample requests have dropped from about 10,000 to around 400, mainly impacting routine tests for chronic conditions. Although urgent cases are prioritized, thousands of blood samples risk being discarded due to delayed testing and degraded reliability.
Synnovis reported receiving around 8,000 samples last week but processed only about 3,000, with many tests conducted manually. Results that fall outside critical limits have been communicated by phone, while electronic results remain unreturnable.
Unclaimed Responsibility
No group has claimed responsibility for the ransomware attack yet. Such attacks typically involve locking victims out of their systems until a ransom is paid. Cian Heasley, a researcher at Adarma Security, suggested Qilin, a notorious Russian-speaking ransomware collective, might be behind the attack. Qilin has previously targeted healthcare providers, recognizing the high value of patient data.
This incident marks the third significant ransomware attack on Synlab AG within a year. Previous attacks in France and Italy have similarly paralyzed their operations, underscoring the vulnerability of healthcare infrastructure to such threats.
The ongoing situation remains fluid as efforts to restore normal operations continue, amidst a pressing need for blood donations and enhanced cybersecurity measures.