Pathology services provider Synnovis has rebuilt “substantial parts” of its systems since the ransomware attack on June 3, 2024, restoring critical blood supplies to NHS hospitals.
Despite this, the NHS issued an alert over blood supply shortages on July 25.
However, in an update on July 25, Synnovis revealed it has made significant progress in its restoration work following the incident, enabling more of its laboratories to reconnect to the systems that facilitate blood test orders and return results electronically.
This means core chemistry and hematology services, including coagulation studies, have been restored at King’s College and Princess Royal University Hospitals in London, UK.
Restoration of these services for Guy’s and St Thomas’, Royal Brompton and Harefield Hospitals is expected in the week commencing July 29.
“Whilst we continue to ask service users to manage testing requests carefully as we complete final systems checks, we expect to be able to increase the numbers and types of tests shortly. This is a significant step forward in services recovery and in the carefully phased and clinically safe approach to bringing all our systems back online,” the company wrote.
Synnovis added that blood transfusion services will continue to be stabilized over the summer, with full restoration anticipated by early Autumn.
Commenting on Synnovis’ update, Dr Chris Streather, Medical Director for NHS London, welcomed the restoration progress made, and said he expects to soon start to see faster turnaround times for most routine blood tests.
“Despite the challenges, most services are now working at near-normal levels, including in outpatients, day cases and non-elective care. This means it’s important that patients with booked appointments continue to attend unless they have been contacted to say otherwise,” noted Streather.
The attack on Synnovis, a third-party supplier of pathology services to a number of hospitals in South East England, has severely impacted the delivery of services such as blood transfusions and test results, resulting in thousands of operations and appointments being cancelled.
Stolen Data Being Investigated
The attack has been claimed by ransomware group Qilin, which purportedly published 400GB of data stolen from Synnovis on June 20.
The data reportedly included patient names, NHS numbers and descriptions of blood tests.
Additionally, business account spreadsheets have been uploaded, detailing arrangements between hospitals and GP services and Synnovis. The threat actor threatened to publish further exfiltrated data if its ransom demands were not met.
In its latest update, Synnovis revealed that a taskforce of external IT experts is continuing to verify the published data.
“We will provide updates as the investigation progresses, and should the investigation determine that personal or sensitive information was published, we will inform affected individuals in line with our obligations as a data controller,” the firm stated.
Investigations are also continuing into how the attack was carried out.
NHS Issues Alert Over Blood Supply Shortage
In its latest update on the incident on July 25, NHS England revealed that the incident has caused the postponement of 1608 elective procedures and 8349 acute outpatient appointments at King’s College Hospital NHS Foundation Trust and Guy’s and St Thomas’ NHS Foundation Trust alone so far since June 3.
On the same day, NHS Blood and Transplant issued an ‘Amber Alert’ to NHS hospitals, asking them to restrict the use of O type blood to essential cases and use substitutions where clinically safe to do so.
The shortage of O type blood stocks has been caused by the “perfect storm” of increased demand of O type blood from hospitals due to the Synnovis attack and reduced collections due to high levels of unfilled appointments at donor centres in town and city centers.