Londonâs Lifeline Under Siege: Ransomware Fallout Still Haunts NHS Hospitals
Eighteen months after a devastating cyberattack, South East Londonâs healthcare system is still battling broken systems, backlogs, and patient safety risks.
On a humid June morning in 2024, Londonâs hospitals woke to chaos. Blood tests couldnât be processed. Operations were cancelled. Behind the scenes, clinicians scrambled to keep patients safe as a ransomware attack crippled Synnovis - the NHSâs main pathology provider for South East London. Nearly two years later, the digital scars remain, and the story is far from over.
The Qilin ransomware groupâs attack on Synnovis didnât just freeze computers - it froze the very processes modern medicine relies on. Lab results, the backbone of diagnosis and treatment, were suddenly inaccessible. Hospitals canceled surgeries, delayed procedures, and watched blood stocks dwindle to precarious levels. For patients, this meant uncertainty, anxiety, and in some cases, real danger.
Internal documents reveal the recovery has been uneven. While most trusts in South East London report normal service, South London and Maudsley NHS Foundation Trust (SLaM) continues to limp along using paper records and manual uploads. As of January 2026, more than 161,000 pathology reports were still waiting to be entered into digital patient records. Staff at SLaM have worked heroically, but the risks are ever-present: delays, transcription errors, and even patient misidentification.
âItâs been a challenge for staff and services,â admits Professor Derek Tracy, SLaMâs chief medical officer. The trust has logged 122 incidents where delayed or incorrect pathology results put patients at risk - grim evidence of how critical IT systems are to patient safety.
The attackâs reach extended beyond operational disruption. Sensitive health data for nearly a million patients - including information on cancer diagnoses and sexually transmitted infections - was stolen and published online. Many affected individuals were not notified until late 2025, raising questions about transparency and crisis management.
The ripple effects were felt across the region. Lewisham and Greenwich NHS Trust canceled over 11,000 appointments. At Kingâs College Hospital, a patient death was attributed in part to delays caused by the cyberattack - a stark reminder that in healthcare, every minute counts. Yet, experts caution itâs often impossible to draw a direct line between a cyber incident and a clinical outcome, given the complexity of modern care.
Nationally, the Department of Health and Social Care recorded six major cyber incidents in 2024, two of which put over 50 patients at potential clinical risk. The Health Services Safety Investigations Body (HSSIB) is now probing how well NHS organizations cope when forced to abandon digital records and revert to manual processes - a scenario that, as this crisis shows, can have life-or-death consequences.
Research from Kingâs College London warns the NHS remains dangerously exposed to future attacks, as services become ever more dependent on interconnected digital systems. The Synnovis case is a sobering lesson in the real-world fallout of ransomware - and the urgent need for resilience in healthcareâs digital backbone.
As the NHS continues to patch the holes left by Qilinâs assault, the lesson is clear: in a world where patient care depends on seamless data access, cybersecurity is no longer just an IT issue - itâs a matter of life and death.
WIKICROOK
- Ransomware: Ransomware is malicious software that encrypts or locks data, demanding payment from victims to restore access to their files or systems.
- Pathology: Pathology in cybersecurity means analyzing abnormal system behaviors to uncover, understand, and address the root causes of security threats or incidents.
- Business continuity: Business Continuity is a company's ability to keep running during and after disruptions, like cyberattacks, by having effective plans and recovery strategies.
- Supply: A supply chain attack targets third-party vendors or services to compromise multiple organizations by exploiting trusted external relationships.
- Integrated care board: An integrated care board is an NHS body coordinating health services regionally, bringing together organizations to plan, fund, and improve care for local populations.
