Ransomware disruptions contributed to a patient death, NHS finds – 1v1 Video Chat & LIve Streaming & Influencer Subscription

Tech Radar Pro

Tech Radar Gaming

Tech Radar Pro

TechRadar the business technology experts

Search TechRadar

View Profile

België (Nederlands)

Deutschland

North America

US (English)

Australasia

New Zealand

Expert Insights

Website builders

Web hosting

Best website builder
Best web hosting
Best office chairs
Best antivirus
Expert Insights

Recommended reading

NHS recruitment firm had major security bugs which could have exposed entire systems

The growing shadow in healthcare: securing the vulnerable supply chain

Ransomware attacks can’t be eliminated, but collaboration can increase resilience

Major data breach at McLaren Health Care sees 743,000 patients affected – here’s what we know

Nearly half of companies say they pay up ransomware demands – but here’s why that could be a bad idea

UnitedHealth is now asking doctors to repay the loans it gave out following major hack

Why paying the ransom is not the answer

Ransomware disruptions contributed to a patient death, NHS finds

Ellen Jennings-Trace

26 June 2025

The attack caused severe disruptions to care

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Image credit: Shutterstock
(Image credit: Shutterstock)

A ransomware attack targeted a healthcare organisation in the UK
The disruptions to patient care tragically contributed to a patient death
Criminals target critical services as they are likely to pay the ransom

Ransomware attacks are devastating for victims, but this has now reached a new and tragic level, with the UK’s National Health Service (NHS) confirming that an attack on London hospitals in 2024 that forced ambulances to be diverted and disrupted blood testing has contributed to a patient’s death.

This attack targeted Synnovis, a London-based pathology service, and cybercriminal group Qilin caused severe disruptions to the blood-testing services, and the delay in a blood test was a ‘contributing factor’ to the death of a patient.
Around 800 operations and 700 outpatient appointments were cancelled or rescheduled due to the attack, and personal information such as names, dates of birth, NHS numbers, and even blood test data is suspected to have been compromised and published in the incident.

You may like

NHS recruitment firm had major security bugs which could have exposed entire systems

The growing shadow in healthcare: securing the vulnerable supply chain

Ransomware attacks can’t be eliminated, but collaboration can increase resilience

Tragic consequences
Cybercriminals target critical infrastructure such as hospitals because they are likely to pay ransoms in order to get services up and running with minimal disruptions in order to protect patients, but this, of course, requires a level of disruption no matter what.

“One patient sadly died unexpectedly during the cyber-attack,” confirmed the King’s College Hospital NHS Foundation Trust.
“As is standard practice when this happens, we undertook a detailed review of their care. The patient safety incident investigation identified a number of contributing factors that led to the patient’s death. This included a long wait for a blood test result due to the cyber-attack impacting pathology services at the time. We have met with the patient’s family, and shared the findings of the safety investigation with them.”
It’s said that Qilin, the ransomware gang, demanded $50 million from Synnovis in return for the stolen data, but reports suggest that Synnovis either refused or failed to pay the ransom, and the data was then published online.

Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Contact me with news and offers from other Future brandsReceive email from us on behalf of our trusted partners or sponsorsBy submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.
This is in line with the Government’s ransomware payment ban for public organizations, which aims to dissuade ransomware gangs from targeting public services.
Via The Record
You might also like

Take a look at our picks for the best malware removal software around
Check out our choice for the best antivirus tools on offer
Russia-linked Qilin group says it was responsible for London hospitals cyberattack

Ellen Jennings-Trace

Staff Writer

Ellen has been writing for almost four years, with a focus on post-COVID policy whilst studying for BA Politics and International Relations at the University of Cardiff, followed by an MA in Political Communication. Before joining TechRadar Pro as a Junior Writer, she worked for Future Publishing’s MVC content team, working with merchants and retailers to upload content.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.

NHS recruitment firm had major security bugs which could have exposed entire systems

The growing shadow in healthcare: securing the vulnerable supply chain

Ransomware attacks can’t be eliminated, but collaboration can increase resilience

Major data breach at McLaren Health Care sees 743,000 patients affected – here’s what we know

Nearly half of companies say they pay up ransomware demands – but here’s why that could be a bad idea

UnitedHealth is now asking doctors to repay the loans it gave out following major hack

Latest in Security

Nearly half of companies say they pay up ransomware demands – but here’s why that could be a bad idea

Windows users warned of major security issue – here’s why FileFix attack could be a big concern

SonicWall warns of fake VPN apps stealing user logins and putting businesses at risk – here’s what we know

A free service to protect US critical infrastructure against Russian cyber attacks has ended – but did it shut down just a touch too soon?

Watch out AI fans – cybercriminals are using jailbroken Mistral and Grok tools to build powerful new malware

This dangerous new malware is hitting iOS and Android phones alike – and it’s even stealing photos and crypto

Latest in News

Many IT heads want to ditch US cloud services – but does the UK have an alternative?

Senua’s Saga: Hellblade 2 Enhanced gets an official August launch date and PS5 release

Are you worried about AI? It’s about to get worse as study shows people now speak like ChatGPT

Google’s new Gemini AI model means your future robot butler will still work even without Wi‑Fi

I’ve been telling you AR glasses will be awesome, and this real-life ad blocker is yet another reason why I’m right

Surfshark reaffirms its commitment to user privacy in independent audit