NHS cyberattack targets two UK ambulance services

26 Jul 2023

Image: © chalabala/Stock.adobe.com

While the hackers behind the cyberattack are not known, the breach has affected the systems of Swedish health-tech Ortivus.

Two NHS ambulance services in the UK have fallen prey to a cyberattack, reportedly rendering them unable to access electronic patient records for more than a week.

South Western Ambulance Service Foundation Trust and South Central Ambulance Service Trust, two trusts that work with the NHS and collectively serve an area with a population of approximately 12m, have been identified as victims of the cyberattack.

The breach has been traced back to the systems of Swedish health-tech company Ortivus, which provided the electronic patient record system to the NHS ambulance services.

Ortivus said in a statement the cyberattack happened on the evening of 18 July, when hackers broke into its datacentre environment and targeted customers using MobiMed ePR, an electronic patient record system.

“The electronic patient records are currently unavailable and are until further notice handled using manual systems,” it said. “No patients have been directly affected. No other systems have been attacked and no customers outside of those in the hosted datacentre have been affected.”

The company is now working with its customers to restore the systems and recover any lost data. “The organisation behind the cyberattack is not known at this stage and the incident has been reported to the authorities as a crime,” Ortivus added.

According to a BBC report, the NHS cybersecurity team is working with law enforcement to investigate the data breach. It is not clear who the hackers are or if any data has been stolen.

Simon Chassar, chief revenue officer at New York-based security company Claroty, said that the healthcare industry needs to be extra vigilant because it is “one of the few sectors where cyberattacks can fatally impact human life”.

“If a healthcare institute is unable to access patient data, they might not be able to perform surgeries or administer certain types of medicine – the result of which can be fatal,” Chassar argues, adding that healthcare organisations are now becoming increasingly digital.

“Therefore, it’s important to implement network segmentation so unnecessary connectivity and the movement of malware can be restricted, as well as real-time monitoring and analysis to identify anomalies and potential intrusions quickly.”

Earlier this month, an NHS health trust was targeted in a cyberattack that may have resulted in data from millions of patients being stolen.

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

Vish Gain was a journalist with Silicon Republic

editorial@siliconrepublic.com