Norfolk and Norwich University Hospitals investigating cyber attack

  • 25 July 2024
Norfolk and Norwich University Hospitals investigating cyber attack
  • Norfolk and Norwich University Hospitals NHS FT is investigating a cyber incident
  • It is not thought that patient data has been compromised
  • Trust is "awaiting further information" from NHS England's cyber incident response team

NHS England’s cyber security operations centre is investigating a cyber security incident at Norfolk and Norwich University Hospitals NHS Foundation Trust.

The trust confirmed that the incident on 17 July 2024 had been “detected and terminated”.

Ed Prosser-Snelling, chief digital information officer at Norfolk and Norwich University Hospitals, said: “Having consulted with regional and national teams, at this stage, we do not believe that any data has been removed from the trust.

“However, a full forensic investigation is underway and we are awaiting further information from the NHS England cyber incident response team.

“The national cyber security response team are currently working closely with our internal teams around the clock to make sure that our systems are protected and when further updates are available these will be made”.

He added that “enhanced measures” for protecting the trust’s systems are in place and that services at the hospitals are continuing to run as normal.

An NHS England spokesperson told Digital Health News: “The cyber security incident affecting Norfolk and Norwich University Hospitals NHS Foundation Trust has been contained and has not had an impact on patient care.

“Our cyber security operations centre is working with the trust to investigate.”

The cyber incident came as the NHS Norfolk and Waveney Acute Hospital Collaborative, which includes Norfolk and Norwich University Hospitals, announced that it had signed an £88 million deal with Meditech for an electronic patient record system.

It is the latest cyber attack on the NHS, following a ransomware attack on pathology provider Synnovis by Russian group Qilin in June 2024, which disrupted health services in south east London and led to thousands of appointments and operations being postponed.

Meanwhile, NHS Dumfries and Galloway sent a leaflet on 17 June warning almost 150,000 patients to assume that their personal data is likely to have been stolen and published online following a cyber attack in March 2024.

A ransomware group targeted the Scottish health board and published around three terabytes of stolen patient data on the dark web when its demands were not met.

Speaking at the NHS Confed Expo in Manchester on 12 June 2024, Mark Edwards, chief information security officer at Digital Health and Care Wales predicted that cyber attacks on critical national infrastructure are likely to increase due to global conflict.

The government announced plans to introduce a new Cyber Security and Resilience Bill which will better protect data supply chains to public services, in the King’s Speech on 17 July 2024.

Subscribe To Our Newsletters

Subscribe to our newsletter

Subscribe To Our Newsletter

Related News

More than 5,000 NHS Scotland data breaches since 2023

More than 5,000 NHS Scotland data breaches since 2023

More than 5,000 data breaches have been recorded across NHS Scotland health boards since January 2023, according to a FOI investigation.
More than half of patients report easy GP access through NHS App

More than half of patients report easy GP access through NHS App

More than half of patients said it was easy to contact their GP practice using the NHS App, the latest GP Patient Survey results show.
North East and Yorkshire trusts adopt tech for faster scan results

North East and Yorkshire trusts adopt tech for faster scan results

NHS England is expanding the rollout of Hexarad to help patients in the North East and South Yorkshire receive hospital scan results faster.