What started as a behind-the-scenes cyberattack on an NHS pathology provider has now been linked to something far more serious — the unexpected death of a patient.
A new review has revealed that delays caused by the June 2023 ransomware attack had tragic consequences for at least one individual under NHS care.
A Ransomware Breach With Real-Life Impact
The attack targeted Synnovis, a major pathology firm that handles lab testing for several NHS hospitals across London.
When their systems went down, blood tests and diagnostic results were severely delayed — triggering a wave of more than 1,000 cancelled operations and a backlog that spread across hospitals and GP services in six boroughs.
What the Harm Review Revealed
For months, NHS organisations including Guy’s and St Thomas’, King’s College Hospital, Lewisham and Greenwich, and several mental health trusts have been conducting a harm review.
And now, one particularly heartbreaking outcome has emerged: a patient died during the crisis.
King’s College Hospital NHS Foundation Trust confirmed to the Health Service Journal that the delay in receiving blood test results, caused directly by the cyberattack, was a contributing factor in the patient’s death.
The exact date and details of the individual have been withheld for confidentiality reasons.
GPs Were ‘Flying Blind’ During the Crisis
Doctors at the time described the situation as “flying blind,” without access to critical test data.
The attack brought transfusions and blood-matching procedures to a halt for three full months at both Guy’s and St Thomas’ and King’s College hospitals.
In response, the hospitals had to rely on universal blood supplies — a last-resort approach that severely depleted stocks across London. The shortage got so bad that a nationwide appeal had to be launched to restock.
170 Patients Affected – But One Case Stands Out
South East London’s Integrated Care Board confirmed that 170 cases of potential patient harm had been linked to the cyberattack — most were classified as “low harm.”
But this one fatality has put the spotlight on just how critical digital infrastructure is to modern health care.
The Attack Could Have Been Prevented
Adding to the frustration is the fact that the attack likely could have been avoided.
According to the Health Service Journal, the breach might have been prevented with something as basic as multi-factor authentication — a common security step already used in everyday online banking and shopping.
In the wake of the breach, Synnovis revealed it suffered £33 million in financial losses.
However, it has not confirmed whether a ransom was paid to the hackers.
NHS Cybersecurity Now Under Scrutiny
Last month, Phil Huggins, the NHS’s chief cyber security officer, issued a public letter urging all NHS suppliers to strengthen their defences.
Multi-factor authentication and regular security testing are now being pushed as standard practice.
Mark Dollar, Synnovis’s CEO, acknowledged the tragedy, saying:
“We are deeply saddened to hear that last year’s criminal cyberattack has been identified as one of the contributing factors that led to this patient’s death. Our hearts go out to the family involved.”
Who Was Behind the Attack?
The ransomware attack was carried out by Qilin, a cybercriminal group with suspected ties to Russia.
After breaching Synnovis’s systems, the group released 400GB of stolen data — yet another stark reminder of the devastating ripple effects cybercrime can have on real people.
A Tragic Reminder in a Digital Age
This incident serves as a harsh wake-up call. Digital attacks aren’t just about stolen files or financial loss. When it comes to healthcare, the fallout can be fatal.
And for one family, the consequences are irreversible.