- Wirral University Teaching Hospital reports major cyber incident
- Apparent attack forces hospital to shut down its IT systems to contain the damage
- All non-emergency appointments were cancelled
A major UK hospital has suffered a cyberattack that brought most of its systems offline and severely crippled its operations.
In a statement, Wirral University Teaching Hospital (WUTH) revealed, “a major incident has been declared at the Trust for cyber security reasons.”
As a result, most appointments have been cancelled, with the statement adding, “our business continuity processes are in place, and our priority remains ensuring patient safety. All outpatient appointments scheduled today are cancelled. We apologize for any inconvenience and we will contact our patients as soon as possible to rearrange.”
Attackers yet to be identified
“We urge all members of the public to attend the Emergency Department only for genuine emergencies. For non-urgent health concerns, please use NHS 111, visit a walk-in center, urgent treatment center, your GP, or pharmacist.”
Speaking to the Liverpool Echo, a staff member said “everything” went offline. “Everything is done electronically so there’s no access to records, results or anything so we are having to do everything manually, which is really difficult. The damage is huge.”
WUTH is a major healthcare provider in the Wirral Peninsula, in the north-west of England. It is a National Health Service (NHS) trust that manages several healthcare facilities, with its primary site being Arrowe Park Hospital in Upton, Wirral.
The nature of the attack has not been disclosed. However, when an organization is forced to shut down parts, or the entire IT infrastructure, it is usually done to protect the systems from data theft and/or encryption. Therefore, it is safe to assume that this was either a ransomware attack, a data grab, or both.
At press time, no threat actors assumed responsibility for the attack, and we don’t know if they managed to steal the Trust’s sensitive data.
Due to the nature of the information they hold, healthcare organizations are one of the most attacked targets in the business world today.