NHS hospitals and GP practices across England and Scotland have been hit by a ransomware cyberattack. Hospital staff have been forced to turn off their computers and switch to pen and paper systems until the problem has been fixed.
Shortly after midday on 5 May, a piece of ransomware known as Wanna Decryptor appeared on the screens of hospital computers. The malicious software claimed to have encrypted the contents of the computers, locking staff out, and demanded a $300 (£230) ransom to be paid via the anonymous virtual currency bitcoin.
At the time of publication, it was reported that as many as 40 NHS organisations and GP practices have been affected. Those identified so far are as follows:
- Northumbria Healthcare
- North Cumbria Hospitals
- Morecambe Bay Hospitals
- Blackpool Hospitals
- Southport Hospital
- East Lancashire Trust
- Barts Hospital
- East and North Hertfordshire
- Derbyshire Community Health
- University Hospitals North Midlands
- North Essex Partnership University
- London North West Healthcare Trust
- York Hospitals
- East Cheshire Trust
- Aintree University Hospitals
- The Royal Liverpool and Broadgreen Hospitals Trust
- Liverpool Community Trust
- Watford General
- Broomfield Hospital, Essex
- Lister, Stevenage
- Northwick Park, north west London
- St Bartholomew and Royal London
- Colchester General Hospital
- Norfolk and Norwich
- James Paget, Norfolk
- Queens Hospital, Burton
- UHNM, Royal Stoke
Hospitals in Wales are believed to be unaffected by the attack, along with Worcestershire and Oxford hospitals.
A statement published by NHS Digital said at least 16 NHS organisations had reported that they have been affected by a ransomware attack.
The statement added: "The investigation is at an early stage but we believe the malware variant is Wanna Decryptor. This attack was not specifically targeted at the NHS and is affecting organisations from across a range of sectors. At this stage we do not have any evidence that patient data has been accessed.
"NHS Digital is working closely with the National Cyber Security Centre, the Department of Health and NHS England to support affected organisations and ensure patient safety is protected. Our focus is on supporting organisations to manage the incident swiftly and decisively, but we will continue to communicate with NHS colleagues and will share more information as it becomes available."