Birmingham-based NHS IT supplier Advanced has confirmed that ransomware was the cause of last week's cybersecurity incident, which disrupted its customers' IT systems.
The security issue was discovered on the 4th August, and has directly or indirectly impacted a number of customer services. For the NHS these include Adastra, Carenotes, Caresys, Crosscare, Odyssey, Staffplan and eFinancials.
Adastra is used to refer patients for care, including ambulance dispatch, scheduling after-hours appointments, and issuing emergency prescriptions. Carenotes gives clinicians immediate access to patient records for both adult and youth mental healthcare services.
Advanced is currently working to restore services for its customers, but disruption could continue for 'at least' three to four more weeks.
The company says it will notify customers when any new information about possible data access or exfiltration are available.
A source told HSJ the attackers had made "some demands" following the attack, although details are not available. The company remained mum about any ransom payments.
Advanced says there was 'nothing to suggest that our customers are at risk of malware spread and believe that early intervention from our incident response team contained this issue to a small number of servers.'
A number of government agencies, including the National Crime Agency and GCHQ, are working together to determine the level of damage the attack may have caused.
Since the attack was discovered, NHS 111 employees have had to resort to using pen and paper and other manual processes to manage calls, resulting in delays.
Leaders of impacted mental health Trusts - of which t ..
Support the originator by clicking the read the rest link below.
