Medway IT systems yet to be restored after cyber scare
- 18 December 2024
- IT systems at Medway Community Healthcare have yet to be restored following suspicious activity on 2 December 2024
- Medway since confirmed that āfollowing deep-dive research, there has been no evidence of unauthorised access to patient dataā
- It is now āgradually and carefully reconnectingā some of its priority patient IT systems
The IT systems at Medway Community Healthcare have not yet been restored following a suspected cyber attack, Digital Health News has learned.
Medway announced on 2 December 2024 that an investigation was ongoing and it had disconnected its IT systems to āprotect patient and staff dataā after detecting āsuspicious activityā.
Following the incident, Medway told Digital Health News on 17 December that all of its IT systems are yet to return to normal, but the organisation is āworking methodically and carefully to restore themā.
An update published on 13 December said: āWe want to thank our patients for their understanding and support as we have worked through our ongoing IT incident. Our staff have worked hard to maintain our services, and to provide care to our communities.
“We appreciate that the IT outage has resulted in delays and some disruption over the past week and want to thank everyone involved.
“Our focus has understandably been on continued safe and effective care, while NHS England oversaw a thorough and in-depth specialist investigation.
“This investigation has taken some time but we’re pleased thatĀ following deep-dive research, there has been no evidence of unauthorised access to patient data.
“As a result, we are now carefully and gradually reconnecting some of our priority patient systems, meaning that you should see things begin to return to normal.
āThis will not be immediate and will not apply to all systems at present, so please bear with us as we adjust and reset.”
It adds that patients will still beĀ required to have a paper form for blood tests.
The IT incident followed a cyber attack at Alder Hey Childrenās NHS Foundation TrustĀ on 28 November 2024, which alsoĀ impacted Liverpool Heart and Chest Hospital and Royal Liverpool University Hospital.
A major incident “for cyber security reasons” was also declared at Wirral University Teaching Hospital NHS Foundation Trust on 25 November 2024.
In anĀ update published on its website on 4 December, the trust said that the incident had been stepped down to a business continuity incident and it was in the process of reinstating its main clinical system following the cyber security incident.
Richard Horne, the new head of the National Cyber Security Centre (NCSC) called for the need for sustained vigilance earlier this month.
In a speech on 3 December 2024, Horne highlighted the impact of cyber attacks, referencing the ransomwareĀ attack on pathology provider Synnovis in June 2024.
āIn the past year, we have seen crippling attacks against institutions that have brought home the true price tag of cyber incidents.
āThe attack against Synnovis showed us how dependent we are on technology for accessing our health services,ā Horne said.
