England and Scotland have been hit by a large-scale cyberattack that has compromised National Health Service (NHS) facilities in both countries, including radiology services, according to news and social media reports from affected facilities. As many as 25 NHS facilities and some general practitioner (GP) offices have been affected.
The attack is in the form of ransomware that is preventing staff from accessing patient data, although there is no evidence the data have been compromised, NHS Digital told the BBC. The attack on healthcare facilities is part of a larger-scale attack targeting organizations worldwide. U.K. Prime Minister Theresa May is being kept informed of the situation, while Health Secretary Jeremy Hunt is being briefed by the National Cyber Security Centre, according to news reports.
Twitter posts from affected facilities are warning that x-ray imaging systems are being affected, as well as pathology test results, the telephone, and patient administration systems. Some facilities are shutting down as a precaution, while others are prioritizing urgent pathology, another Twitter post said.
Hearing some worrying fears from NHS staff of PACs systems being down which could affect CT scan, x-ray and key trauma imaging info
— Shaun Lintern (@ShaunLintern) May 12, 2017
Malware attack is affecting x-ray imaging systems, pathology test results, phone & bleep systems & patient administration systems. Massive!
— Shaun Lintern (@ShaunLintern) May 12, 2017
Other social media reports have circulated images showing computer screens bearing a message that the user cannot enter the computer system without first paying a $300 ransom in Bitcoin.
Some ambulances have been diverted, and patients are being warned to avoid some accident and emergency services departments, according to reports.
In its statement, NHS Digital said the attack was believed to be carried out by the malware variant Wanna Decryptor. The NHS does not believe it is being specifically targeted, according to the statement.
"NHS Digital is working closely with the National Cyber Security Centre, the Department of Health, and NHS England to support affected organizations and ensure patient safety is protected," it said. "Our focus is on supporting organizations to manage the incident swiftly and decisively, but we will continue to communicate with NHS colleagues and will share more information as it becomes available."
Affected organizations include Northumbria Healthcare, North Cumbria Hosptals, Morcamb Bay Hospitals, Blackpool Hospitals, Southport Hospital, East Lancashire Trust, Barts Health, East and North Hertfordshire, Derbyshire Community Health, University Health North Midlands, North Essex Partnership University FT, London Northwest Healthcare Trust, and York Hospitals, according to Twitter accounts.
News reports also said Spanish and Portuguese companies, including Spain's largest telecom operator, Telefónica, experienced a similar attack. There were other reports of ransomware attacks in countries including Italy and Ukraine.