NHS 111 Services Disrupted by Cyberattack on Managed Service Provider

The National Health Service (NHS) in the United Kingdom is currently dealing with a cyberattack on one of its managed service providers, Advanced.

Birmingham-based Advanced helps operate NHS 111 services. NHS 111 is a web and telephone service where patients can get quick health and mental health information on non-urgent medical matters. Advanced detected the cyberattack on Thursday, August 4, 2022, and has confirmed it has affected its Adastra client patient management solution, which is used by 85% of NHS 111 services.

The cyberattack has caused a major outage of the Adastra system that is used to refer patients to out-of-hours GP providers and has resulted in disruption to patient referrals, appointment bookings, and some other operations. The NHS says that while the issues are being resolved, the NHS 111 service remains available; however, without access to the IT system staff have been forced to record patient information using pen and paper.

The NHS said it has contingency plans for situations such as this and that those plans have been tried and tested. The NHS will continue to monitor the situation and has been working closely with Advanced while the company resolves the issues with its software system as quickly as possible.

“We can confirm that the incident is related to a cyber-attack and as a precaution, we immediately isolated all our health and care environments,” said Advanced CEO Simon Short in a statement to the BBC. Short said prompt action by the Incident Response Team confined the attack to around 2% of its infrastructure and said the incident may not be resolved until this week.

The incident has affected NHS 111 services across the country and has resulted in calls taking longer to be answered than normal, so the public has been advised to try to use the web-based service rather than dial 111. The NHS has confirmed that the cyberattack has not affected the 999-emergency telephone service.

The exact nature of the cyberattack has not been confirmed but it has the hallmarks of a ransomware attack. At this stage of the investigation, it is unclear if, and to what extent, data has been compromised.

Author: Richard Anderson

Richard Anderson is the Editor-in-Chief of NetSec.news