A UK NHS Trust has declared a major incident and has cancelled all outpatient appointments, citing “cybersecurity reasons.”
Wirral University Teaching Hospital (WUTH) has also urged the public to only attend its Emergency Department for “genuine emergencies” while it responds.
A spokesperson for the NHS Trust said on November 25: “A major incident has been declared at the Trust for cybersecurity reasons. Our business continuity processes are in place, and our priority remains ensuring patient safety.”
The Trust responsible for a group of hospitals in northwest England, including Arrowe Park Hospital, Clatterbridge Hospital, and Wirral Women and Children’s Hospital.
An update on the Trust’s X (formerly Twitter) account on November 26 confirmed that all outpatient appointments remain cancelled across its sites.
🚨 Incident Update 🚨
— Wirral NHS Hospitals - Arrowe Park & Clatterbridge (@WUTHnhs) November 26, 2024
We are responding to a cyber security issue. Patient care remains our priority.
All outpatient appts today are cancelled—we will contact you to rearrange.
Please attend A&E only for emergencies.
For non-urgent care use NHS 111, a GP walk-in or pharmacist. pic.twitter.com/Yh7NO79Tsi
No other details about the nature of the incident have been provided at the time of writing and it has not been confirmed as a cyber-attack.
Local newspaper, the Liverpool Echo, quoted one staff member at the Trust as saying: “Everything is down. Everything is done electronically so there’s no access to records, results or anything so we are having to do everything manually, which is really difficult. The damage is huge."
NHS Hospitals Under Cyber Siege
The incident WUTH is the latest in a line of damaging cyber events impacting UK NHS Hospitals in 2024.
A ransomware attack on pathology provider Synnovis in June caused the cancellation of thousands of elective procedures and acute outpatient appointments at several London hospitals. Sensitive patient data was reportedly exfiltrated by the attackers.
In March, Scottish NHS Trust Dumfries and Galloway confirmed that patient clinical data was accessed and published online by hackers after a ransomware attack on its systems.
Commenting on the latest incident, Spencer Starkey, Executive VP of EMEA at SonicWall, explained that the healthcare sector is a prime target for cybercriminals, particularly ransomware actors, due to the sensitive data held and potential to cause significant real-world disruption and harm.
“Not only do these attacks risk the potential for exposed patient data, but any significant IT issue that halts patient care poses an immediate threat to life. The ramifications of an attack on the healthcare sector can be disastrous and it's important to place the utmost amount of time, money and efforts on securing them," he commented.
Trevor Dearing, Director of Critical Infrastructure at Illumio, commented, "In the case of [WUTH], it is positive to see business continuity plans in place, but any compromise to patient services can put lives at risk. It’s vital that all hospitals focus on reducing the impact of attacks by building containment capabilities to reduce the impact on critical services.”