Major UK healthcare provider Wirral University Teaching Hospital (WUTH), part of the NHS Foundation Trust, has suffered a cyberattack that caused a systems outage leading to postponing appointments and scheduled procedures.
The attack was disclosed publicly on Monday and the disruption continues.
WUTH is a public healthcare organization in the United Kingdom that operates the Arrowe Park Hospital, Clatterbridge Hospital, and Wirral Women and Children’s Hospital.
Collectively, these hospitals contribute to NHS Trust’s total of 855 beds and provide 24-hour emergency services, acute medical services, critical care, surgery, diagnostic services, pediatrics, maternity services, and cancer care.
The cyberattack forced WUTH to take some IT systems offline and switch to manual operations, which inevitably caused delays and service disruptions.
„We are working hard to rectify the issue after a major incident was declared at the Trust earlier this week following a targeted cyber security issue,“ reads the latest update.
„After detecting suspicious activity, as a precaution, we isolated our systems to ensure that the problem did not spread. This resulted in some IT systems being offline.“
„We have reverted to our business continuity processes and are using paper rather than digital in the areas affected,“ said a spokesperson for the organization.
Although services in the hospitals continue to be available, scheduled appointments and procedures have been rescheduled, and waiting times in emergency treatment have increased.
The hospital urges the public to visit the emergency department only if they have a genuine emergency to avoid burdening the system.
Meanwhile, an email from WUTH to staff members on Monday informed of a bleak situation and that restoring the systems would take a while.
„Everything is done electronically, so there’s no access to records, results or anything, so we are having to do everything manually, which is really difficult,“ a hospital member told ECHO, also noting that „the damage is huge.“
According to the same source, patients visiting Arrowe Park were told that X-rays, treatments, and surgeries are currently unavailable, and there’s no estimate for when the hospital will return to normal operations.
At the time of writing, no ransomware groups have assumed responsibility for the attack at WUTH.
BleepingComputer has contacted the healthcare organization to learn more about the nature of the attack, but a comment wasn’t immediately available.