# NHS Still Reeling from 2024 Ransomware Attack Internal documents show that at least one **NHS** trust is still operating without fully restored systems following the June 2024 ransomware attack on **Synnovis**, impacting patient care and safety. ## The Attack and Its Immediate Impact The attack, attributed to the **Qilin** ransomware group, severely impaired blood testing across South East London. Hospitals were forced to cancel operations and delay treatment, and blood supplies were critically affected. Sensitive patient data was also stolen and published, potentially exposing information of nearly one million patients, some with conditions like cancer and sexually transmitted infections. Notification of the data breach was significantly delayed for many patients. ## Lingering Disruptions and Patient Safety While **NHS England** stated that services had been restored by the end of 2024, freedom of information responses indicate that at least one trust, **South London and Maudsley NHS Foundation Trust (SLaM)**, has not fully recovered. **SLaM's** pathology systems remain unrestored, forcing staff to rely on paper processes and manual uploads. As of early January 2026, an estimated 161,560 pathology reports were delayed in being entered into patient records. Clinicians at **SLaM** were warned not to rely on the timely return of blood results, with critical results communicated by phone and full reports delivered as paper or PDFs. Pathology reports for **SLaM** patients have also been unavailable in the **London Care Record**, a shared system across **NHS** organizations. ## Patient Safety Incidents and Impact Assessment **SLaM** reported 122 patient safety incidents related to incorrect, unavailable, or delayed pathology results as of January 2026. While the trust is working to mitigate risks, workaround processes carry inherent risks, including delays and transcription errors. Other trusts reported varying impacts, from canceled appointments to no recorded harm. The most serious outcome occurred at **King's College Hospital NHS Foundation Trust**, where a patient death was considered to have the cyberattack as a contributing factor due to a delay in receiving a blood test result. ## Ongoing Investigations and Resilience Concerns The **Information Commissioner’s Office** investigation into the **Synnovis** incident is ongoing. The **Health Services Safety Investigations Body (HSSIB)** is investigating how healthcare organizations respond to electronic patient record system failures. A recent study by **King's College London** highlighted broader concerns about the resilience of **NHS** systems to disruption, emphasizing the cascading effects of cyber incidents on clinical care. The study identified ransomware as the most significant current cyber threat to the **NHS** and warned of the risks posed by supply-chain dependencies.