Barts Health, which operates five London hospitals, said ransomware was not behind the disruption
Barts Health, England’s largest NHS trust, confirmed it has been hit by an online attack that may affect thousands of patient files across at least four London hospitals, but said the disruption was not caused by ransomware.
The trust, which runs the Royal London, St Bartholomew’s, Whipps Cross, Mile End and Newham hospitals in east London, said it became aware of the attack on Friday and that it had taken some systems offline as a “precautionary measure”.
“Importantly, we can now rule out ransomware as the root cause,” the trust said in a statement on its website.
The trust’s core clinical system, Cerner Millennium, as well as radiology and x-ray imaging and scanning systems continued to be used as normal, relying on “tried and tested” contingency plans to ensure patient care wouldn’t be affected.
In response to the incident the trust said it sent a message to staff urging them not to open email attachments from unknown senders.
It said it believed most of the affected system was housing corporate data and that it has turned off the filing system between departments while it investigates the attack.
Royal Free London foundation trust staff were also warned to be wary of email attachments on Friday in an email from trust IT director Tosh Mondal, according to a report in The Guardian.
Data security threat
The organisation said its warning was a precaution in response to the Barts attack and that it had not been directly affected.
NHS Digital said it was aware of the attack on Barts and that it was working to ensure the continued security of patient data. “This issue highlights the fact that there are threats to data security within the health and care sector, as with any other sector,” the organisation said in a statement.
The Northern Lincolnshire and Goole foundation trust was hit by a ransomware attack in October that forced it to cancel patient appointments while it restored the affected systems.
“Local authorities and governments aren’t very prepared and they have extremely valuable information that simply can’t be lost, so they’re a tempting target for cybercriminals,” stated John Bambenek, a threat intelligence manager at the firm Fidelis Cybersecurity.
Jonathan Martin, EMEA operations director at Anomali, said organisations “have to realise that not only will they be compromised in the future, they almost certainly already have been. So, we need to start thinking along different lines about how we deal with such breaches.
“Education of staff as well as adding in multiple sources of threat intelligence to monitor applications is a great place to start – this reduces the average 200+ days to identify a breach down to a much smaller number and distils malicious activity into actionable data that can help protect organisations going forward.”
Do you know all about security? Try our quiz!