LONDON (Reuters) - Britain’s National Health Service (NHS) said it had suffered a major cyber attack on Friday, disrupting surgeries and hospitals, mainly in England.
The NHS said it had been hit with malicious software known as ‘ransomware’ that locks up computers and demands payment to restore access, but that so far it did not believe patient data had been accessed.
Below is what is known about the incident so far. For the latest updates, see:
** Hospitals have reported major disruption to their IT systems. People have been asked not to visit unless they need immediate medical attention.
** The attacks span the length of England. The NHS said 16 of its organisations - some containing several hospitals - have been affected.
** It was not immediately clear whether patients had suffered as a result of the attack. Some regional NHS trusts said they had cancelled cancer and outpatient appointments scheduled for the weekend.
** In addition to London, there have been media reports of disruption in Northumbria in the northeast, Merseyside in the northwest, and Essex in the south. There are no reports of attacks on hospitals in Scotland or Wales so far. A handful of local doctor surgeries in the south of Scotland had been affected, Scottish newspapers said.
** The NHS said it believed the malware variant was called “Wanna Decryptor”.
** Spain’s government also warned on Friday that a large number of its companies had been attacked by ransomware cyber attacks.
** The NHS said it did not have any evidence that patient data had been accessed.
** A reporter from the Health Service Journal said the attack had affected x-ray imaging systems, pathology test results, phone and bleep systems, and patient administration systems.
** Britain’s National Crime Agency said it was investigating the attack.
** In January, the Barts Health NHS Trust - which runs major London hospitals - suffered an IT attack caused by a computer virus rather than ransomware.
** Freedom of Information (FOI) requests revealed that 30 percent of NHS Trusts had suffered a ransomware attack, according to security firm SentinelOne in January. No NHS Trusts reported paying a ransom or informed law enforcement of the attacks; all preferred to deal with the attacks internally, said SentinelOne, which received responses from 94 of 129 NHS Trusts.
Compiled by Andy Bruce, Additional reporting by Kate Holton, Michael Holden and David Milliken; editing by Stephen Addison