NHS Lanarkshire was hit by another cyberattack on Friday (25 August) and the institution warned people with non-emergency medical conditions to avoid its hospitals "unless essential". The regional health board confirmed that "incidences of malware" had been detected in its IT systems, leaving staff unable to access the email system or appointments and causing procedures to be postponed.
The staff bank system and telephone were also offline due to the "IT issues".
It said it took "immediate action" to prevent it from spreading and working to resolve the issue whilst carrying out investigations into the attack.
"We are now putting in place a solution from our IT security provider," NHS Lanarkshire chief executive Calum Campbell said in a Facebook post."While the issue is being resolved our staff have been working hard to minimise the impact on patients and we apologise to anyone who has been affected".
The cyberattack is the second one affecting the health authority since the massive global WannaCry ransomware attack in May crippled its computer systems. NHS Lanarkshire was one of the worst-hit health boards in Scotland in that devastating international attack that wreaked havoc worldwide, infected more than 300,000 computers in 150 nations and encrypted millions of user files in exchange for a ransom.
However, a NHS Lanarkshire spokesperson said that the latest malware-laden attack is not "on the same scale" as the one in May.
"As far as we know this has just affected NHS Lanarkshire. It is not the same malware as in May", NHS Lanarkshire told Reuters.
Dr Jane Burns, medical director for the acute division, said: "I would ask that patients do not attend our hospitals unless it is essential. If you do turn up at A&E and do not require emergency care you may be sent away from the department or you may experience a lengthy wait.
"Emergency care will still be provided for those who do require to be seen."
One patient attending a GP appointment in Hamilton told the Evening Times that people were advised to leave if it was not an emergency since staff were unable to access patient records.
"Receptionists were asking people to only stay and wait to see a doctor if it was an emergency," the patient said. "They were unable to access anyone's notes or test results.
"The staff were really stressed but trying their best to help people. The main receptionist was super stressed about it and was saying it was a cyber attack, although I'm not sure that they had had it confirmed that it was."