Barts Health Trust, the largest NHS hospital trust in England has been hit by a ransomware virus.
The virus, which is thought to have infected thousands of files, was revealed to staff at the trust via email that warned of a ‘ransomware virus attack issue’.
Parts of the IT system have been shut down as a precaution and the attack is being handled by engineers.
A trust spokesperson told Digital Health News: “We are urgently investigating this matter and have taken a number of drives offline as a precautionary measure. We have tried and tested contingency plans in place and are making every effort to ensure that patient care will not be affected.”
The trust, which operates four hospitals in east London: The Royal London, St Bartholemew’s, Whipps Cross and Newham, said that it was making “every effort” to avoid disruption to the patients.
Some of the systems, such as its file sharing system between departments, have been turned off as the issue is investigated.
The trust said that neither its Cerner Millennium patient admin system or the clinical system for radiology had been affected.
This is the second ransomware attack to hit the NHS in the past few months, after attacks were made at the Northern Lincolnshire and Goole NHS Foundation Trust in November.
That attack crippled the trust’s systems for four days, which led to the cancellation of 2800 appointments.
The attack in November is still being investigated by police.
Pete Banham, cyber resiliency expert at Mimecast, said: “The ransomware attack on Barts Health Trust reads like a textbook example. Without proper technical controls it only takes one person to open a malicious email attachment and the attacker is in. For healthcare organisations, the stakes are especially high. If attackers can gain or deny access to sensitive and very personal files, patient safety is on the line.
“Cybercriminals are incredibly sophisticated at using email for attack and bypassing traditional security procedures.
“Bowing to these hacker’s ransom demands only emboldens and finances them for further attacks. Only by adopting a cyber resilient approach can organisations recover quickly from this type of attack.”