Ransomware Attack on NHS Blood Screening: One Year On, the Crisis Continues

A year after a devastating ransomware attack on NHS pathology provider Synnovis, the health service is still dealing with the fallout, most notably a persistent shortage of critical blood supplies. Krysta Collin, General Manager at AJC and a regular blood donor, explores what happened, why it matters, and how organisations can strengthen their resilience against future disruption.

What Happened

On 3 June 2024, a ransomware attack, later attributed to the Russian-linked Qilin group, infected Synnovis, a pathology services provider for several major hospitals in London. The attack disrupted IT systems used to process blood tests, match blood types, and manage critical pathology services.

More than 3,000 hospital and GP appointments were cancelled or delayed. Several London hospitals declared a critical incident and were forced to postpone surgeries, tests, and even emergency transfusions due to their inability to match and supply blood safely. O negative blood, which is essential in emergencies, was especially affected.

Though the incident targeted a third-party provider, the impact rippled throughout the NHS. It revealed just how vulnerable essential services are when external partners are compromised.

Blood Shortages Continue

In July 2024, NHS Blood and Transplant (NHSBT) issued an Amber Alert due to a severe shortage of O negative blood that followed the cyberattack. More than a year later, the UK is still feeling the effects. Stocks have remained low, and following several bank holidays earlier this year, the risk of entering a Red Alert status remains a serious concern. This would mean demand outpaces supply, threatening patient safety. As such the NHSBT has called for 200,000 new donors to come forward and has said that the number of regular donors needs to rise from around 800,000 to more than one million to maintain a safe and reliable supply.

The NHS continues to appeal for O positive, O negative, and Ro subtype donors. Although registrations have increased, particularly among Black heritage communities, many have yet to donate. O negative blood is especially urgent, as it’s used in emergencies, accounts for 15% of all usage in hospitals but only 8% of the population can provide it. Ro subtype blood, vital for treating sickle cell disease, is also in short supply.

Strategic, Calculated Disruption

This was not a random or opportunistic cyberattack. It was deliberate. Cybercriminals targeted a key link in the NHS supply chain, knowing that the disruption would be immediate, widespread and harmful.

Blood screening and matching services are essential to safe surgery and emergency care. When that function is knocked offline, even temporarily, it can delay or halt critical treatments. This reflects a wider trend, where attackers are focusing on specialised providers whose disruption creates a cascade of systemic consequences.

In this case, the pathology provider’s systems became the weak point that allowed ransomware to affect thousands of patients. It is a stark reminder that even the most vital services can be compromised through indirect access points.

Final Thoughts

As a blood donor, I’ve always known that donations save lives. But this past year has shown just how fragile that system can be. Cyberattacks like the one on Synnovis don’t just delay care. They risk lives by undermining the infrastructure that healthcare depends on.

The NHS is doing everything it can to recover. But resilience doesn’t stop at the hospital doors. We need better oversight, stronger preparation and closer collaboration across the entire supply chain, because no one should be denied care due to a preventable system failure.

Building Real Resilience

The incident exposed the vulnerability of vital third-party services and the far-reaching impact of cyberattacks on patient care. These events reinforce the need for joined-up, practical resilience, not just at the point of care but across every supporting service. At AJC, we help organisations strengthen their cyber security preparedness and response by:

• Mapping supply chain dependencies and identifying hidden points of risk
• Reviewing and strengthening incident response plans across internal teams and third-party relationships
  

• Delivering practical training and simulation exercises for operational and leadership teams
  

• Advising on procurement and contracts to ensure suppliers meet appropriate security standards

Contact us on 020 7101 4861 or email us at info@ajollyconsulting.co.uk if you think we can help.

If you’re interested in signing-up for blood donation, visit the NHS website, here.

References
https://www.england.nhs.uk/synnovis-cyber-incident/
https://www.nhsbt.nhs.uk/news/nhs-in-england-calls-for-one-million-people-to-donate-blood-to-secure-the-nation-s-blood-supply/
https://nhsbtdbe.blob.core.windows.net/umbraco-assets-corp/36417/20250521-nhsbt-amber-alert-update-risk-of-red-alert.pdf
https://www.theguardian.com/society/2025/jun/09/nhs-more-blood-donors-needed-england
https://www.ft.com/content/2388ff54-2fae-4893-87df-fd3c259bfcf6
https://www.bbc.co.uk/news/articles/c98p0pj7dypo

Image accreditation: Getty Images on Unplash.com+. Last accessed on 17th June 2025. Available here.