Qilin’s ‘Political Protest’ Cyberattack on NHS Launched Last Year Leads to One Patient’s Death 

• A patient's death at King's College Hospital has been linked to the June 2024 NHS ransomware attack
• They specifically targeted Synnovis, which manages lab and blood testing for London NHS facilities
• The NHS cyber attack by the Qilin ransomware group caused widespread disruption, canceling over 10,000 appointments

A year after the Qilin ransomware group targeted Synnovis, which offers laboratory and blood testing services to the National Health Service (NHS), the full human cost of the attack is now becoming clear. Reports of a casualty linked to the incident have now emerged.

A patient died after waiting for blood test reports, and a pathology service was delayed partly due to Qilin’s ransomware attack. Qilin, meanwhile, stole data of over 900,000 patients, which included test reports.

The patient was receiving healthcare at King's College Hospital NHS Foundation Trust, an NHS facility. They died unexpectedly during the cyberattack on June 3, 2024. Further details about the patient were not revealed for confidentiality. 

The gang spoke to the BBC about the ransomware attack in June 2024 and apologized for the harm caused, while maintaining their actions were a ‘political protest.’

In an attempt to justify their actions, they stated that the cyberattack was carried out as revenge for the UK government’s actions in an undisclosed war.

The ransomware attack on Synnovis directly compromised the hospital’s ability to handle blood tests, leading to delays and contributing to the patient's death.

Commonly referred to as the NHS cyberattack, it was launched on June 3, 2024. This resulted in delayed blood testing across multiple NHS hospitals and GP surgeries. 

Furthermore, over 10,000 appointments had to be canceled by the NHS, with several affected patients yet to be formally informed about the exposed data. 

“Blood shortages across England worsened following the incident, as hospitals were forced to rely on universal donor blood types due to testing constraints,” a Halcyon research report read.

Qilin’s cyber attack was not just administrative but had clinical consequences. It led to nearly 600 incidents, with patient care suffering in 170 of these.

Mark Dollar, CEO of Synnovis, expressed deep sadness, stating, "We are deeply saddened to hear that last year's criminal cyber attack has been identified as one of the contributing factors that led to this patient's death. Our hearts go out to the family involved.”

Healthcare data breaches are a crisis that must be addressed collectively by the government (through staff training) and cybersecurity vendors (by providing detection tools and incident response plans). It is time healthcare providers and their vendors strengthen and adhere to every cybersecurity protocol to prevent further loss of life.