NHS services at Guy’s and St Thomas’ and King’s College hospitals in London, along with other NHS sites in the capital, have been disrupted due to a cyber attack on partner Synnovis. The incident was first detected on June 3 and has caused a major incident to be declared. Details of the attack have not been officially disclosed, but Synnovis has confirmed that their IT systems were hit by malware.
In a letter to staff, Guy’s and St Thomas’ NHS Foundation Trust chief executive Ian Abbs stated that Synnovis had experienced a significant IT incident, leading to connectivity loss for the Trust. This has impacted the delivery of services, particularly affecting blood transfusions. An incident response structure has been put in place to implement contingency plans, with all clinical groups represented.
While the exact nature of the cyber attack is not specified, there is speculation that it could be a ransomware attack. Synnovis’s parent company, Synlab Europe, faced a similar situation with a ransomware attack in Italy in April 2024, causing service delays at Italian hospitals. No connection between the two incidents has been confirmed.
Andrew Brown of PropelTech emphasized the importance of containing the attack, assessing the damage, and restoring impacted services promptly. It is too early to determine the perpetrator of the attack, but the NHS is considered a prime target for cybercriminals.