concept w - stock.adobe.com

NHS blood stocks running low after ransomware attack

The NHS is appealing for people with O Positive and O Negative blood types to come forward to donate as hospitals in London struggle to keep critical services running after ransomware attack

The NHS is calling for O Positive and O Negative blood donors to come forward immediately to replenish stocks of blood following the Qilin ransomware attack on diagnostics and pathology services provider Synnovis, which has disrupted patient care in London.

The incident has left Guy’s and St Thomas’ and King’s College NHS Foundation Trusts, and other NHS bodies in south east London, struggling to provide a normal service to patients, with some diverted elsewhere amid delays to procedures and surgeries.

Because Synnovis’s IT systems remain out of action, the affected hospitals cannot match patients’ blood at the same frequency as usual. Due to blood used in transplants having a shelf life of just over a month, stocks must be continuously topped up, and more than usual will be needed for the time being for procedures and surgeries needing blood to take place.

O Positive and O Negative blood types are needed because O Positive, the most common blood type, found in 35% of people, can be given to anybody with any positive blood type – about 76% of people; while O Negative, found in 8% of people and also known as the universal blood type, can be given to anybody, and is used in emergencies or when a patient’s blood type is not known. It is generally carried by paramedics in ambulances, and makes up around 15% of all blood used in the NHS.

“Patient safety is our absolute priority,” said NHS Blood and Transplant chief medical officer Gail Miflin. “When hospitals do not know a patient’s blood type or cannot match their blood, it is safe to use O-type blood.

“To support London hospitals to carry out more surgeries and to provide the best care we can for all patients, we need more O Negative and O Positive donors than usual,” she said. “Please book an urgent appointment to give blood at one of our 25 town and city donor centres which currently have good appointment availability. We have availability for donors who know they are type O but we also welcome new donors who don’t yet know their blood type. You might have one of these special types that can be used in emergencies.”

Miflin said there are 13,000 appointments available nationally this week at NHS Blood Donor Centres, about 3,400 of them in London. More information on blood donation, including how to sign up and get an appointment, is available here.

Disruption continues

A week after the cyber attack on Synnovis first came to light, the affected parts of the NHS continue to operate under significant strain.

Stephen Powis, NHS England medical director, said: “NHS staff are continuing to go above and beyond to minimise the significant disruption to patients following the ransomware cyber attack on Synnovis.

“Urgent and emergency services are available as usual, so patients should access services in the normal way by dialling 999 in an emergency, and otherwise use NHS 111 through the NHS App, online or on the phone,” he said.

“But unfortunately, we know that a number of operations and appointments have been postponed or diverted to other neighbouring hospitals not impacted by the cyber attack, as we prioritise pathology services for the most clinically urgent cases,” said Powis.

Ryan McConechy, chief technology officer of Barrier Networks, said: “If anyone needed proof that cyber attacks have real-world, physical consequences, then this appeal from the NHS surely provides it.

“The ransomware attack on Synnovis is clearly having a devastating impact on patients, with hospitals now being unable to match blood types in order to carry out surgeries and important medical procedures,” he said. “This shows the attack is not only affecting a key supplier of the NHS, but it is now also putting peoples’ lives at risk.”

Synnovis has provided no further information on the cyber attack beyond what it shared on 4 June, so it’s unclear how remediation efforts are proceeding. However, added McConechy, if the attack has indeed caused a complete outage, the impacts on the NHS could be long-lasting.

Read more on Data breach incident management and recovery