UK’s NHS Says Ransomware Contributed to Patient Death


A ransomware attack launched by the Qilin cybercrime group in June 2024 against a major pathology testing services provider in London had fatal consequences, with the National Health Service (NHS) confirming the incident contributed to a patient’s death.
The cyberattack crippled blood testing capabilities across multiple NHS hospitals, causing severe delays in diagnostics and disrupting critical care workflows, The Record reports.
King’s College Hospital NHS Foundation Trust acknowledged that one patient “sadly died unexpectedly during the cyberattack,” adding that a “long wait for a blood test result” was among several contributing factors.
A full investigation was conducted, and findings were shared with the affected family, though further details were withheld to protect patient confidentiality.
The fallout extended well beyond one incident. The attack was one of two NHS-related breaches in 2024 officially recognized as posing risks of clinical harm, the other impacting a university teaching hospital that delayed cancer treatments.
In addition to care disruption, Qilin’s extortion campaign exposed sensitive health data from over 900,000 individuals, including test results revealing conditions like sexually transmitted infections and cancer.
According to breach analysts, leaked files contained names, birthdates, NHS numbers, and contact information. Yet, a year after the breach, affected patients still haven’t been notified of what data was compromised. Blood shortages across England worsened following the incident, as hospitals were forced to rely on universal donor blood types due to testing constraints.
Takeaway: This is no longer just a cybersecurity issue; it’s a public health crisis. A patient has died as a direct result of delays caused by a ransomware attack that paralyzed blood testing across multiple hospitals. That’s not speculation or FUD; it’s been confirmed by the hospital itself, which cited a delayed test result as one of the contributing factors to the death.
This should put to rest any lingering notion that ransomware is just an IT or data protection problem. It’s a matter of life and death.
The reality is, we’ve seen this coming. Studies have already drawn a straight line between ransomware attacks and negative patient outcomes, including higher rates of complications and increased mortality.
One study documented a 33% jump in mortality rates per month among Medicare patients at hospitals impacted by ransomware. Between 2016 and 2021, it was estimated that ransomware attacks contributed to as many as 67 patient deaths.
And it doesn’t stop at the targeted facility: there is a blast radius. When hospital systems go down, patient care gets diverted across the regional network. That surge strains neighboring hospitals, clogs emergency departments, and slows everything from diagnostics to treatment. The ripple effect becomes a shockwave, degrading care far beyond the initial blast zone.
This latest tragedy reinforces what cybersecurity professionals have long warned: ransomware doesn't just disrupt systems—it endangers lives.