Skip navigation

NEWS: NHS Ransomware Cyberattack

On Friday 12 May 2017 a number of NHS organisations reported they had been affected by a ransomware cyberattack, which had affected a number of different organisations.

The cyberattack has been reported as a coordinated global ransomware attack on thousands of private and public sector organisations across dozens of countries on Friday. The attack involved a malicious software blocking victims from accessing data and demanding a ransom in exchange for access being returned.

23 NHS organisations in England and Scotland, including many trusts and hospitals, had been affected by the ransomware attack, forcing the NHS to cancel operations and close GP surgeries, with non-emergency procedures suspended and ambulances services diverted.

Up to 74 countries have been affected by the ransomware cyberattack, with tens of thousands of computers thought to be affected worldwide.

The National Cyber Security Centre released a statement today stating: “Since the global coordinated ransomware attack on thousands of private and public sector organisations across dozens of countries on Friday, there have been no sustained new attacks of that kind.  But it is important to understand that the way these attacks work means that compromises of machines and networks that have already occurred may not yet have been detected, and that existing infections from the malware can spread within networks. This means that as a new working week begins it is likely, in the UK and elsewhere, that further cases of ransomware may come to light, possibly at a significant scale.”

NHS Digital has released an update on the situation today stating:

“Our Data Security Centre continues to work around the clock alongside the National Cyber Security Centre, to support NHS organisations that have reported any issues related to this cyber-attack.

In addition to providing 24/7 specialist support, we have issued a number of targeted bulletins to further support, guide and reassure NHS staff with cyber-security responsibilities in their organisations.

NHS Digital is continuing to expand the range of data security services it offers in support of NHS organisations; helping them to take appropriate cyber security measures and respond effectively and safely to cyber security threats.

We continue to alert NHS organisations to known cyber security threats and advise them of appropriate steps to take to minimise these risks, such as in the case of this issue.

In addition to protective real time monitoring of national NHS IT services and systems, which were unaffected by this issue, we are supporting NHS organisations by:

  •  undertaking cyber security testing and providing bespoke advice and action points.
  •  offering training for their health and care staff to ensure they know the simple steps to help to keep their organisation secure.”

NHS Digital has also released the latest guidance for NHS on protecting against cyber attack:

Dr Anne Rainsberry, NHS Incident Director, said: “We’d like to reassure patients that if they need the NHS and it’s an emergency that they should visit A&E  or access emergency services in the same way as they normally would and staff will ensure they get the care they need. More widely we ask people to use the NHS wisely while we deal with this major incident which is still ongoing. NHS Digital are investigating the incident and across the NHS we have tried and tested contingency plans  to ensure we are able to keep the NHS open for business.


NHS England: NHS England statement on reported NHS cyber attack

NHS Digital: Latest News of Cyberattack

National Cyber Security Centre: Latest statement on international ransomware cyber attack

Future events of interest:

National Data Security Standards for Health and Social Care: Information Governance Summit 2017
Monday 26 June 2017
De Vere West One Conference Centre, London

Caldicott Guardian Training Course
2017 Dates in London, Exeter and Manchester  

Caldicott Guardian Leadership Summit: First Annual Leadership Summit
Wednesday 18 October 2017 
The Studio Conference Centre, Birmingham

Caldicott Guardians: National Annual Conference 2018
Monday 14 May 2018 
De Vere West One Conference Centre, London

15 May 2017


    Partner Organisations

    The Tavistock and Portman NHS Foundation TrustInPracticeClinical Audit Support CentrePlayoutJust For Nurses
    GGI (Good Governance Institute) accredited conferences CPD Member BADS (British Association of Day Surgery) accredited conferences