Back

Ongoing Disruption from Qilin Ransomware Attack on NHS Vendor

Severity: High (Score: 68.0)

Sources: Technadu, Databreaches

Summary

In June 2024, the Qilin ransomware syndicate infiltrated Synnovis, a pathology provider for the NHS, causing significant disruptions in healthcare services. As of early 2026, the South London and Maudsley NHS Foundation Trust (SLaM) is still experiencing operational challenges, with digital pathology systems remaining offline. Internal documents reveal a backlog of approximately 161,560 unfiled pathology reports and 122 patient safety incidents linked to the attack. The breach has led to reliance on manual processes for laboratory results, severely impacting patient care and safety. Notably, diagnostic delays contributed to a patient fatality in 2025. Additionally, other NHS trusts are still dealing with the ramifications of this attack, highlighting the urgent need for improved cybersecurity measures in healthcare. Recent breaches at NHS Scotland and DXS International further underscore ongoing vulnerabilities in the sector. Key Points: • The Qilin ransomware attack on Synnovis in June 2024 continues to disrupt NHS services 18 months later. • SLaM has over 161,560 unfiled pathology reports and has recorded 122 patient safety incidents due to the breach. • A patient fatality in 2025 was linked to delays in diagnostic testing caused by the ransomware attack.

Key Entities

  • Ransomware (attack_type)
  • DXS International (company)
  • King's College Hospital NHS Foundation Trust (company)
  • Lewisham And Greenwich NHS Trust (company)
  • NHS Scotland (company)
  • South London And Maudsley NHS Foundation Trust (company)
  • Synnovis (ransomware_group)
  • Devman (ransomware_group)
  • Qilin (ransomware_group)
  • Scotland (country)
  • Healthcare (industry)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed