2024 NHS Ransomware Attack Still Causes Healthcare Disruption, 122 Patient Safety Incidents Recorded
Published
Key Takeaways
- System outages: More than 18 months later, the NHS ransomware attack continues to cause severe cyberattack healthcare disruption across South East London hospitals.
- Pathology delays: South London and Maudsley NHS Foundation Trust still relies on manual data entry, delaying over 160,000 critical pathology reports.
- Clinical consequences: The breach elevated patient safety risks, contributing to over 120 safety incidents and at least one complex clinical fatality.
The June 2024 infiltration of pathology provider Synnovis by the Qilin ransomware syndicate remains a critical case study in cyberattack healthcare disruption. More than 18 months after the initial breach, the NHS ransomware attack continues to impair clinical workflows and diagnostic infrastructure across multiple South East London hospitals.
Prolonged Pathology System Outages
At the South London and Maudsley NHS Foundation Trust (SLaM), digital pathology systems remain offline. Clinical personnel are operating under extended business continuity protocols, necessitating the manual transcription of laboratory results.
Internal documents cited by The Record suggest that at least one NHS trust is still working with partially restored systems and substantial backlogs of delayed test results. As of early 2026, this infrastructure deficit has created a backlog of approximately 161,560 unfiled pathology reports.
Furthermore, data interoperability via the London Care Record remains compromised for SLaM patients, forcing clinicians to rely on telephonic communication for critical diagnostics and manual PDF uploads for standard results.
Escalating Patient Safety Risks
Internal SLaM documentation recorded 122 patient safety incidents directly correlated to unavailable, incorrect, or delayed laboratory data and more than 11,000 canceled appointments at Lewisham and Greenwich NHS Trust.
Most severely, King's College Hospital NHS Foundation Trust confirmed that diagnostic delays stemming from the breach acted as a contributing factor in one complex patient fatality, as Qilin’s “political protest” NHS cyberattack led to one patient's death in 2025 after waiting for blood test reports.
These severe patient safety risks highlight the cascading clinical consequences, reinforcing the critical need for resilient healthcare cybersecurity architectures.
In other news, an NHS Scotland domain was breached to host adult content and illegal sports streams, exposing infrastructure vulnerabilities earlier this month. In December, NHS tech provider DXS International confirmed a data breach claimed by the DevMan Ransomware group.
Related
Get expert insights on threats, breaches, scams, and security trends — delivered every Monday.
Most Popular
Get expert insights on threats, breaches, scams, and security trends — delivered every Monday.
Most Popular