LONDON, June 21, 2025 – A cyberattack on a major NHS laboratory services provider has been linked to the death of a patient, marking one of the most serious consequences yet of ransomware in UK healthcare.
Synnovis, which runs pathology and diagnostic services for multiple hospitals in southeast London—including King’s College Hospital and Guy’s and St Thomas’—was hit by ransomware in early June. The breach caused severe disruptions to lab testing, particularly in blood transfusion and cancer diagnostics.
The fatal impact
NHS officials confirmed that the service delays contributed to the death of at least one patient, though details remain confidential. It’s the first publicly acknowledged fatality connected to the incident, and it’s fueling urgent calls for upgraded digital security across the health system.
“We are deeply sorry to the family affected,” said a spokesperson from NHS London. “This attack has shown the fragility of critical systems in the face of cyber threats.”
Wider disruption
More than 800 non-urgent procedures have been postponed across hospitals affected by the Synnovis breach. Some services are still operating on emergency-only lab testing, with doctors reportedly forced to manually track blood compatibility and diagnostic timelines.
Cybersecurity analysts believe the attack was carried out by a Russian-linked group known as Qilin, which has previously targeted healthcare systems around the world.
A growing threat to healthcare
This attack is part of a global surge in ransomware targeting hospitals, research institutions, and medical providers. Experts say healthcare systems remain attractive targets due to outdated IT infrastructure and the high-stakes nature of medical services.
The UK’s National Cyber Security Centre is now working with Synnovis and NHS England to investigate the breach and prevent further damage. Meanwhile, patients and clinicians continue to face delays and backlogs.
What now?
NHS leaders are urging a national strategy to bolster healthcare cybersecurity, including better data protection, backup systems, and staff training. A formal review of digital vulnerabilities across the NHS is expected in the coming weeks.