.svg)
The NHS faced a challenging 2024, with a series of cyberattacks and data breaches that disrupted healthcare services and exposed sensitive patient information. Below is a timeline of the most notable incidents.
In March, NHS Dumfries and Galloway suffered a ransomware attack that led to the theft of three terabytes of data, including confidential patient records. When the health board refused to pay the ransom, the attackers published the stolen information on the dark web. This incident highlighted the growing threat of ransomware to healthcare organisations.
On June 3, Synnovis, a pathology services provider for King’s College Hospital and Guy’s and St Thomas’ NHS Foundation Trust, was targeted by the Russian cybercriminal group Qilin. The attack caused severe disruptions:
This attack underscored the vulnerability of third-party providers in the NHS ecosystem.
In July, a global IT outage related to CrowdStrike affected multiple organizations, including NHS trusts. This incident disrupted access to digital records and delayed non-urgent surgeries and appointments. Although not a direct cyberattack, the outage highlighted the NHS's dependence on external IT services and its vulnerability to upstream issues.
In September, the National Data Guardian and NHS England announced an updated Cyber Resilience Framework for health and social care organizations. The framework aims to bolster cybersecurity practices and ensure better protection of systems and data across the NHS.
In late November, Alder Hey Children’s NHS Foundation Trust experienced a significant data breach. Information, allegedly obtained illegally from systems shared with Liverpool Heart and Chest Hospital NHS Foundation Trust, was published online and circulated on social media. The trust worked with the National Crime Agency to investigate and secure its systems.
Alder Hey confirmed that its services remained operational and stated that the breach was not linked to another ongoing cyber incident in Merseyside.
On November 25, Wirral University Teaching Hospitals declared a "major incident" following a targeted cyberattack. The trust isolated affected systems as a precaution, reverting to manual processes to continue services. Although the attack disrupted digital systems, the hospital emphasised its efforts to minimise the impact on patient care.
By late 2024, the Synnovis attack’s impact became clearer, with the Department of Science, Innovation and Technology (DSIT) introducing the Cyber Security and Resilience Bill, scheduled for Parliament in 2025. This legislation aims to address gaps in cybersecurity defences for critical public services, including the NHS.
In a statement on September 30, 2024, the DSIT highlighted the bill’s urgency, referencing attacks like the Synnovis breach as proof of the NHS’s critical need for robust defences.
Despite these incidents, NHS England’s executive director of national cybersecurity operations, Mike Fell, noted that cyberattacks against the NHS may have plateaued or are declining. However, these attacks highlight the need for stronger cybersecurity measures.
The UK government has pledged to address this with the upcoming Cyber Security and Resilience Bill, slated for introduction in 2025. The bill aims to fill gaps in the UK’s defences and prevent attacks on critical public services.
Additionally, the updated cyber resilience framework for health and social care, introduced in September 2024, outlines best practices for safeguarding systems and patient data.
The NHS experienced a wide range of cyber incidents in 2024, from ransomware attacks to IT outages and data breaches. These events highlight the importance of proactive cybersecurity measures, including legislative efforts like the Cyber Security and Resilience Bill and updated resilience frameworks.
To prevent incidents like those affecting the NHS in 2024, Periculo’s Managed Security Services offer proactive measures such as 24/7 threat monitoring, advanced endpoint protection, regular security assessments, and robust incident response planning. Our solutions include data encryption, offline backups, and strict access controls to mitigate ransomware attacks and data breaches. By integrating third-party supplier assurance and business continuity planning, we ensure resilience against IT outages and cyber threats. With Periculo, healthcare organizations can protect sensitive data, maintain operational continuity, and build trust. Learn more.
Contact Periculo for expert cyber security solutions tailored to the digital health industry.
.png)