Theresa May: Patients records ‘not compromised’ in NHS cyber attack


Theresa May said the British Government is not aware of any evidence that patient records have been compromised in the massive cyber attack on the NHS.

The British Prime Minister said the ransomware hit was “not targeted” at the health service but was part of a wider assault on organisations across a number of countries.

The National Cyber Security Centre (NCSC) is working to support the NHS.

Mrs May said: “We are aware that a number of NHS organisations have reported that they have suffered from a ransomware attack.

“This is not targeted at the NHS, it’s an international attack and a number of countries and organisations have been affected.

“The National Cyber Security Centre is working closely with NHS digital to ensure that they support the organisations concerned and that they protect patient safety.

“And, we are not aware of any evidence that patient data has been compromised.

“Of course it is important that we have set up the National Cyber Security Centre and they are able to work with the NHS organisations concerned and to ensure that they are supported and patient safety is protected.”

Hospitals and GP surgeries in England and Scotland were among at least 16 health service organisations hit by a ransomware attack, using malware called Wanna Decryptor – with reports potentially dozens more were affected.

Staff were forced to revert to pen and paper and use their own mobiles after the attack affected key systems, including telephones.

Pictures posted on social media showed screens of NHS computers with images demanding payment of $300 worth of the online currency Bitcoin, threatening to delete files within seven days.

A spokesman for NHS Digital, which manages health service cyber security, said: “At this stage, we do not have any evidence that patient data has been accessed.

“We will continue to work with affected organisations to confirm this.”

He added the attack “was not specifically targeted at the NHS and is affecting organisations from across a range of sectors”.

The attack came as several companies in Spain were hit by ransomware attacks. Telecoms firm Telefonica was one of those reporting problems.

English hospitals and clinical commissioning groups (CCGs) in London, Blackpool, Hertfordshire and Derbyshire were among those to report problems.

In Scotland, NHS Greater Glasgow and Clyde, NHS Dumfries and Galloway and NHS Forth Valley said some of their GP surgeries have been caught up in the incident.

NHS Lanarkshire and NHS Western Isles also confirmed they have been affected.

First Minister Nicola Sturgeon is to chair a resilience meeting on the issue.

At the Royal London Hospital operations were cancelled and staff were ordered not to touch their computers.

Wheelchair-bound Richard harvey, 50, told how he was forced to leave his ward after a procedure on hip injuries sustained in a motorcycle accident three years ago was postponed.

Mr Harvey, who spent all day fasting ahead of surgery, told the Press Association a nurse told him at 4.50pm, adding: “I was very disappointed, I had been waiting all day.

“I was very nervous, I am quite a nervous person when it comes to things like this, I was quite disappointed and hungry.

“I would like them to come up a bit earlier and say it has been cancelled, I could have had something to drink a lot earlier.”

A Barts spokesman said it was experiencing “major IT disruption” and delays at all four of its hospitals.

He added: “We are very sorry that we have to cancel routine appointments, and would ask members of the public to use other NHS services wherever possible.
“Ambulances are being diverted to neighbouring hospitals.”

United Lincolnshire Hospitals NHS Trust said it was cancelling all outpatient, endoscopy, cardiology and radiology weekend appointments because of the attack, which had affected Lincoln County Hospital, Pilgrim Hospital and Grantham Hospital.

Mark Brassington, its chief operating officer, said: “We will be diverting some emergency cases to local hospitals which are not affected by the attack, where possible.

“We ask patients to only come to our A&Es if absolutely necessary.

Wanna Decryptor is a piece of malicious software that encrypts files on a user’s computer, blocking them from view and threatening to delete them unless a payment is made.

The virus is usually covertly installed on to computers by being hidden within innocent-looking emails containing links, which users are tricked into opening.

Security chiefs and ministers have repeatedly highlighted the threat to Britain’s critical infrastructure and economy from cyber attacks.

Last year the Government established the NCSC to spearhead the country’s defenses.

In the three months after the centre was launched there were 188 “high-level” attacks as well as countless lower-level incidents.

Chancellor Philip Hammond disclosed in February that the NCSC had blocked 34,550 potential attacks targeting UK Government departments and members of the public in six months.

Dr Anne Rainsberry, NHS Incident Director, said: “We’d like to reassure patients that if they need the NHS and it’s an emergency that they should visit A&E or access emergency services in the same way as they normally would and staff will ensure they get the care they need.

“More widely we ask people to use the NHS wisely while we deal with this major incident which is still ongoing.”

It is understood that several health trusts turned their computer systems off as a precautionary measure, rather than being shut down by the attack.

This has led to speculation that the total number of organisations crippled by the ransomware is not as high as some figures reported.

One health trust is believed to have been included among those hit by the malicious software – despite it actually suffering from a separate IT malfunction.

North Lincolnshire and Goole NHS Foundation Trust confirmed its three hospitals had been hit by the virus.

Kent Community Health Trust and Sherwood Forest Hospitals Trust said they had not been directly affected – but had shut their system down when they were alerted to the attack.

This was said to have had a knock-on effect for hospital staff, who were forced to return to pen and paper.

A spokeswoman from the West Hertfordshire Hospitals Trust said, contrary to reports, they had not been the victim of the cyber attack, instead suffering an unrelated server problem.

Global couriering company FedEx said it had also been infected by the ransomware.

A spokeswoman said: “Like many other companies, FedEx is experiencing interference with some of our Windows-based systems caused by malware.

“We are implementing remediation steps as quickly as possible. We regret any inconvenience to our customers.”

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.