.svg)
Merseyside residents were faced with a third day of significant disruption following a cyber attack on Wirral University Teaching Hospitals NHS Foundation Trust. The targeted attack, which began on 25 November 2024, has caused widespread operational challenges across key sites, including Arrowe Park and Clatterbridge Hospitals.
While emergency and maternity services remain operational, many outpatient appointments and surgical procedures have been postponed, leaving staff and patients grappling with significant uncertainty.
At 4:40 PM on 27 November 2024, the Trust provided an updated statement on the ongoing incident:
“We are working hard to rectify the issue after a major incident was declared at the Trust earlier this week following a targeted cyber security issue.
After detecting suspicious activity, as a precaution, we isolated our systems to ensure that the problem did not spread. This resulted in some IT systems being offline. We have reverted to our business continuity processes and are using paper rather than digital in the areas affected. We are working closely with the national cyber security services and we are planning to return to normal services at the earliest opportunity.
Our staff are working tirelessly to ensure that safe patient care remains our priority.
While services continue to be available, there has been disruption to planned services, for example, some scheduled appointments are affected. Unfortunately, we have had to postpone some procedures which will be rescheduled. The public are advised to continue to attend any scheduled appointments, along with their appointment letters, unless contacted otherwise.
The Trust continues to prioritise emergency treatment but there are likely to be longer than usual waiting times for unplanned treatment in our Emergency Department and assessment areas.
We urge all members of the public to attend the Emergency Department only for genuine emergencies. In an emergency, please call 999. For non-urgent health concerns, please use NHS 111, visit a walk-in centre, urgent treatment centre, your GP, or pharmacist.”
Although the Trust has not confirmed the nature of the cyber attack, its characteristics suggest a ransomware attack. These intentional breaches target organisations critical to public services, often seeking ransom payments in exchange for restoring systems.
Jake Moore, global cyber security advisor at ESET, commented on the growing threat:
“When hospitals are involved, genuine health issues can be affected, making this type of attack that much more sinister.”
Ransomware attacks have been on the rise globally, with a 2024 survey by Semperis revealing that 66% of healthcare organisations have paid ransoms. These incidents highlight the pressing need for robust cyber resilience and operational preparedness in the healthcare sector.
The Trust has taken proactive steps to contain the issue by isolating affected systems, reverting to manual processes, and implementing its business continuity plans.
Current operational updates include:
The Trust emphasises that patient safety remains their top priority, and efforts are underway to restore normal operations as quickly as possible.
This ongoing incident serves as a wake-up call for healthcare organisations to prioritise cyber security. Experts recommend:
Dan Lattimer of Semperis underscores the importance of preparation:
“Preparing now for inevitable disruptions will dramatically improve hospitals’ operational resiliency and better prepare them to turn away adversaries.”
The attack on Wirral University Teaching Hospitals highlights the need for robust cyber security in healthcare. Digital health systems are critical to patient care, and safeguarding them must be a top priority for organisations and policymakers alike.
For updates and resources on cyber security in healthcare, visit our blog or contact us today.
Contact Periculo for expert cyber security solutions tailored to the digital health industry.
.png)