This site is intended for health professionals only

Practices recover from NHS cyber attack shut down

GP practices and other NHS services around England that were forced to close for several days following the ‘cyber attack’ on the NHS computer system have now reopened.


Some GP practices had to close from 12 May while staff at other NHS services also found themselves unable to work.

Dr George Farrelly, a GP in East London, said his practice did not have access to patient records and could not prescribe medicines when news of the attack broke on Friday (12 May).

Dr Farrelly, who works at the Tredegar practice in Tower Hamlets, said his practice had ‘heard something might happen’ earlier in the day so had printed the appointment list.

He said: ‘I am going to see my patients, but of course we cannot access any records and can’t prescribe.’

Meanwhile, Dr Neil Paul, a GP in Cheshire, took a computer screenshot of the error message caused by the attack, which requested $300 worth of Bitcoins, the online currency.

He said that in his area around ‘half’ of practices were affected by the attack, including some cases of ‘whole practices’ being forced to shut down.

NHS response

NHS England said it ‘is continuing to work with GP surgeries to ensure that they are putting in place a range of measures to protect themselves’.

Its national incident director, Dr Anne Rainsberry, said: ‘The message to patients is clear: the NHS is open for business. Staff are working hard to ensure that the small number of organisations still affected return to normal shortly.’

NHS Digital has released updated guidelines for protecting NHS organisaitons from cyber attack.

A spokesperson said: ‘We remain vigilant in alerting NHS organisations to known cyber security threats and advising them of appropriate steps to take to minimise these risks; in addition to protective near real time monitoring of national NHS IT services and systems, which are unaffected by this issue.

‘Our Data Security Centre continues to work around the clock alongside the National Cyber Security Centre, to support NHS organisations that have reported any issues related to this cyber-attack.’

North East England

GP practices in the North East, which were impacted by the ‘cyber attack’ on the NHS, were unable to use their IT systems for five days between 12-17 May.

An NHS update for the North East and North Cumbria said after four days that GP practices across the region were ‘still asking patients to consider delaying contacting their practice unless they really need to for the next few days to allow time to clear backlogs caused by the cyber-attack’.

It said: ‘There were no infected computers in North East GP practices and the priority through this international malware incident was to protect the NHS computer network, clinical systems and patient data – and this was done very successfully.’

A total of 39 NHS services across England and Scotland were affected by the incident. Seventy-four countries, including the UK, US, China, Russia, Spain, Italy and Taiwan, reported having the virus.

Theresa May said the attack was not targeted at the NHS, it was part of an international incident. And NHS Digital has said there is no evidence patient data has been compromised.

See how our symptom tool can help you make better sense of patient presentations
Click here to search a symptom

GP practices and other NHS services around England which were forced to close for several days following the ‘cyber attack’ on the NHS computer system, have now reopened.