Another 'major cyber incident' at a UK hospital, outpatients asked to stay away

A UK hospital is declaring a "major incident," cancelling all outpatient appointments due to "cybersecurity reasons."

The Wirral University Teaching Hospital NHS Trust, located in North West England, said the so-called "incident" affects the whole Trust, which oversees Wirral Women and Children's Hospital, Clatterbridge Hospital, and Arrowe Park Hospital.

Although the tech problems began on Monday, officials confirmed to The Register it is still dealing with the fallout as of Tuesday morning. 

All outpatient appointments were canceled on Monday and the same decision was made today, according to Arrowe Park and Clatterbridge's social media posting. All patients whose appointments were canceled will be contacted to rearrange them.

Officials remain tight-lipped about the specifics, although locals were asked to only attend the hospitals' emergency departments for genuine emergencies which include chest pains, choking, and serious injuries.

The Register also understands the issue is affecting the wider hospital departments, not just accident and emergency - exactly how it is manifesting is still under wraps.

We asked a Wirral University Teaching Hospital foundation trust spokesperson whether the incident involved ransomware, but they deferred to the official statement:

The Trust added that business continuity processes are in place. The Register pressed the Trust's officials for more details, such as whether outside help has been drafted, whether the NCSC/NCA were informed, and for how long the issues are expected to persist, and we will update the story as we learn more.

It has been a tough year for the NHS on the cybersecurity front. Two major attacks hit NHS services in England and Scotland this year, most recently in London with Qilin's ransomware strike on pathology services provider Synnovis.

The attack was carried out in June and it wasn't until October that the NHS began saying the majority of services were back up and running. 

More than 10,000 appointments and nearly 2,000 procedures were canceled across the five-month period, which also saw numerous urgent appeals for blood donors issued due to the attack's impact on systems used for cross-matching blood transfusions. Type O-negative and Black heritage blood was particularly in demand.

Some patients were affected more than others.

• Qilin: We knew our Synnovis attack would cause a healthcare crisis at London hospitals
• 'IT failure' hits blood tests as another critical incident declared by NHS
• Second NHS IT system confirmed to be affected by CrowdStrike issues
• Cancer patient forced to make terrible decision after Qilin attack on London hospitals

The attack on Synnovis came just months after INC Ransom's hit on NHS Scotland, specifically the NHS Dumfries and Galloway board, which said it did not give in to the attackers' demands.

CEO of the Scottish health board, which oversees healthcare orgs across the Dumfries and Galloway region, Julie White said patient care wasn't disrupted as a result of the February intrusion, but acknowledged that criminals had accessed and uploaded thousands of people's data to their leak site.

INC claimed to have stolen 3TB worth of the Scottish health org's data and White confirmed in a letter to those affected that the attackers stole millions of files. She warned victims of the potential for extortion and phishing, as well as the mental health repercussions that could arise due to the data's publication. ®