💰💣

Synnovis Security Incident

June 3rd, 2024 476 days ago Resolved

Incident Overview

Situation Description

A ransomware cyber attack on Synnovis, a pathology laboratory, has significantly reduced its capacity to process and report test results, leading to the rescheduling of hundreds of operations and appointments.

Event Types

Ransomware Malware / Destructive Attack

Industry Sector

Healthcare

Geographic Scope

Local

Response Actions

Isolated Compromised Systems Took Systems or Services Offline Restored Systems from Secure Backups Managed Public Narrative & Crisis Communications Collaborated with Peers / Community Traffic Filtering / Rerouting

Impact Analysis

Event Types (2 identified)

Ransomware Malware / Destructive Attack

Financial Impact

$0 USD

Records Affected

Data Types Compromised

PII (Personally Identifiable Information) Operational / System Data

Primary Impacts

Operational Disruption Reputational Damage

Key Decisions Made

The NHS England London declared a regional incident and is coordinating work across affected services, neighboring providers, and national partners to manage disruption.; Mutual aid is being coordinated to ensure patients needing time-sensitive care receive it at other hospitals.; Other pathology services are being utilized to reroute blood tests from GP surgeries, with plans to expand this to more boroughs.

Technical Analysis

Attack Method

Phishing

Additional Information

Attacks and Vulnerabilities Malware, Phishing & Ransomware Medical News NHS updates on disruptions, potential data breach following London lab ransomware attack June 18, 2024 The U.K. National Health Service (NHS) released an update regarding the ransomware cyber attack on June 3rd against Synnovis, a pathology laboratory that processes blood tests for several NHS entities, primarily in southeast London. The attack has significantly reduced the laboratorys capacity to process and report test results to clinical teams. Consequently, over 800 planned operations and 700 outpatient appointments have been rescheduled across the two most affected Trusts Kings College Hospital NHS Foundation Trust and Guys and St Thomas NHS Foundation Trust. The agency acknowledged in its recent update Where there is a ransomware attack, there is always a risk that cyber criminals also access data. Alongside work on restoring services, investigations are continuing to establish any possible impact to data. Responding to the cyber attack, the NHS England London declared a regional incident and has been coordinating work across affected services, as well as with neighboring providers and national partners, to manage disruption. Despite the disruptions, the majority of planned medical activities have proceeded, although some specialties have been more affected than others. This included coordinating mutual aid to ensure patients needing time-sensitive care can receive it, including having operations at other hospitals; working with Synnovis and trusts to find ways to increase the number of tests that can be reported per day, while also working with other pathology services to reroute blood tests from GP surgeries. This is currently in place for practices in Lambeth and Southwark and will be rolled out to other boroughs as soon as possible, and working with NHS Blood and Transplant to provide extra stocks of universal blood types. Urgent and emergency services in the local area are...

... (truncated for display)

Quick Facts

Company:: Synnovis
Date:: June 3rd, 2024
Status:: Resolved
Decision Maker:: Chris Streather
Position:: medical director for NHS London
Published:: 18/06/2024

Source Information

Original Query

corporate governance changes after major ransomware attack

View Original Source

Timeline

Information Published

18/06/2024

Incident Occurred

June 3rd, 2024 (476 days ago)

Status: Resolved

Estimated resolution based on age

Actions

View Company Profile

Navigation

Quick Stats