A360
Key Takeaways✦ Atlas AI
01
A ransomware attack nearly two years ago continues to severely disrupt South East London's healthcare, with one NHS trust still using manual pathology processes, causing extensive backlogs and delayed diagnoses.
02
The attack's long-term impact includes over 160,000 delayed pathology reports, patient safety incidents, and unavailable patient data in the London Care Record, highlighting critical infrastructure vulnerabilities.
03
The incident, which involved data theft and a patient death potentially linked to the attack, underscores the devastating and prolonged consequences of cyberattacks on essential public services like healthcare.
Atlas AI
A ransomware attack from nearly two years ago is still affecting healthcare delivery in South East London, with at least one NHS trust continuing to operate without fully restored pathology systems. Officials said the trust is relying on manual methods to request tests and return results, rather than using normal digital workflows.
The prolonged disruption has created a large operational backlog. Data shows more than 160,000 pathology reports have been delayed, adding pressure to clinical teams that depend on laboratory information to make decisions. Clinicians have been advised not to assume blood test results will be available on time, which officials said raises the risk of diagnoses being missed or made later than they otherwise would be.
ATLAS SIGNAL│Cybersecurity│High│1–3 months
35d
Extended Cyberattack Recovery Highlights Vulnerability of Critical Infrastructure
The prolonged disruption to London's NHS pathology systems following a nearly two-year-old ransomware attack underscores the significant and lasting vulnerability of critical national infrastructure, particularly healthcare, to cyber threats. The reliance on manual processes and delayed reporting creates substantial operational backlogs and compromises patient care, demonstrating the long-term impact that sophisticated cyberattacks can have beyond initial remediation efforts.
1 story
Patient safety issues have also been recorded. Officials said incidents have included incorrect results and delays in reporting, underscoring how laboratory systems sit at the center of routine and urgent care. The continuing reliance on manual processes can increase the chance of administrative errors and slows the flow of information between laboratories and frontline services.
The impact extends beyond individual hospitals because information-sharing has been affected. Officials said pathology reports for patients of the impacted trust are not available through the London Care Record, a shared system used across NHS organizations. That gap can limit visibility for clinicians working across different sites and services, particularly when patients move between providers.
The incident also involved data theft and publication. Officials said sensitive patient information was taken and released, affecting nearly one million individuals. The combination of service disruption and data exposure highlights how cyber incidents can create both immediate operational strain and longer-lasting consequences for patient privacy and trust in public services.
At King’s College Hospital NHS Foundation Trust, officials said one patient death was reviewed and the cyberattack was identified as a contributing factor, while direct causation was not established. Investigations into the incident and into wider healthcare system resilience are ongoing, according to officials.
For markets and policymakers, the sustained disruption illustrates the long tail of cyberattacks on critical infrastructure. The episode shows how recovery can remain incomplete long after the initial breach, with knock-on effects for service performance, risk management, and the governance of shared digital records across large health systems.
