Major incident declared after NHS cyber attack (Updated 15/05)

The NHS has declared a major incident after a cyber attack on a number of hospital and GP surgeries across England.

The attack means staff cannot access patient data, which has been scrambled by ransomware. There is no evidence patient data has been compromised, NHS Digital has said.

NHS England said there was a “complex emerging picture”, amid concerns over thousands of computers being switched back on after the weekend.

Seven trusts out of 47 that were hit are still facing serious issues, but patients have been told to turn up for appointments, unless advised otherwise.

The latest statement issued by NHS Digital reads:

We are continuing to work around the clock to support NHS organisations that have reported any issue due to yesterday’s cyber-attack.

We have received no reports of patient data being compromised.

We are not publishing a list of those we are assisting at this stage; given the situation is changing and impacting organisations in a range of different ways. For instance we are aware some bodies, which range from practices to trusts, may have suspended selected systems purely as a precautionary measure.

We are aware of widespread speculation about the use of Microsoft Windows XP by NHS organisations, who commission IT systems locally depending on population need.

While the vast majority are running contemporary systems, we can confirm that the number of devices within the NHS that reportedly use XP has fallen to 4.7 per cent, with this figure continuing to decrease.

This may be because some expensive hardware (such as MRI scanners) cannot be updated immediately, and in such instances organisations will take steps to mitigate any risk, such as by isolating the device from the main network.

Our focus remains on assisting organisations, working closely with the National Cyber Security Centre, the Department of Health, NHS England and NHS Improvement.

The attack on the NHS is part of a global ransomware campaign that has attacked a number of organisations around the world.

Guidance documentation for NHS organisations impacted by the cyber incident can be accessed here.

Related reading