A software outage affecting the NHS 111 service was caused by a cyber-attack, it has been confirmed. Advanced, a firm providing digital services for NHS 111, said the attack was spotted at 07:00 BST on Thursday.
The attack targeted the system used to refer patients for care, including ambulances being dispatched, out-of-hours appointment bookings and emergency prescriptions, but the NHS said disruption was minimal.
The National Crime Agency said it was “aware of a cyber incident” and was working with Advanced.
“A security issue was identified yesterday, which resulted in loss of service,” said Advanced boss Simon Short. “We can confirm that the incident is related to a cyber-attack and as a precaution, we immediately isolated all our health and care environments.” He said the issue had been contained “to a small number of servers”.
Advanced has indicated the issue might not be fully resolved until next week.
Family doctors in London were warned by NHS England they could see an increased number of patients sent to them by NHS 111 due to the “significant technical issue”, industry magazine Pulse reported. It said a letter to GPs in the capital stated the problem was affecting the electronic referral process for patients.
Cyber security expert Robert Pritchard told the BBC the attack was likely to have been ransomware. Ransomware gangs – who encrypt vital data and demand a ransom in order to get the information decrypted – have been routinely targeting schools and hospitals.
The Welsh Ambulance Service has warned it may take longer for calls to be answered over the weekend.
It said: “There is a major outage of a computer system that is used to refer patients from NHS 111 Wales to out-of-hours GP providers. The ongoing outage is significant and has been far-reaching, impacting each of the four nations in the UK.”
An NHS England spokesperson said there was currently minimal disruption and it was monitoring the situation.
“NHS 111 services are still available for patients who are unwell, but as ever if it is an emergency please call 999,” they said.
A Scottish Government spokesperson said it was aware of reported disruption to one of NHS Scotland’s IT suppliers’ systems and is “working with all health boards collaboratively on a four nations basis with the National Cyber Security Centre and the supplier to fully understand potential impact”.
It said “continuity plans” are in place.
A spokesperson for Northern Ireland’s Department of Health said they are working to keep disruption to a minimum.
“As a precaution, to avoid risk to other critical systems and services, access to the company’s services from the HSC (Health and Social Care system) has been disabled, while the incident is contained,” they said.