Express & Star

Patients warned to avoid Stafford A&E due to NHS cyber attack

Patients have been warned not to visit A&E at Stafford's County Hospital unless they are seriously injured after the NHS was hit by a major cyber attack.

Published
Last updated
The University Hospitals of North Midlands NHS Trust has been hit by an NHS cyber attack

IT systems at 16 NHS England organisations have been affected, including the University Hospitals of North Midlands NHS Trust which runs County Hospital in Stafford and Royal Stoke University Hospital.

As a result the trust has asked patients not to visit A&E in Stafford or Stoke during the disruption unless they have a 'serious or life-threatening illness'.

Bosses at County Hospital declared they had not been directly targeted but nevertheless they called on patients to avoid Weston Road as a ‘precaution’. They also expressed the same plea concerning Royal Stoke.

A statement from University Hospitals of North Midlands NHS Trust (UHNM) said: “The Trust is asking the public not to attend A&E unless they have a serious or life-threatening illness or injury during this disruption.

“Due to an ongoing national issue, within the NHS, certain IT services within UHNM are currently unavailable. This is having a minimal impact on clinical services and staff and partners will be kept fully informed throughout this disruption.”

Staffordshire and Stoke-on-Trent Partnership NHS Trust (SSTOP) which looks after community services in the county confirmed their systems had gone down.

The nearest fully functioning A&E to Stafford is New Cross Hospital 15 miles away in Wolverhampton, where the emergency department has continued to operate as normal.

New Cross Hospital in Wolverhampton has not been affected

A spokesperson for Royal Wolverhampton NHS Trust confirmed New Cross and West Park Rehabilitation Hospital had not been affected by the hack.

They added: "I can confirm as of 4.15pm we haven't been affected. GPs are still accessing patient files as usual, but we're still advising all staff to be extra vigilant with the use of their e-mails."

The A&E departments at Walsall Manor Hospital and Russells Hall Hospital in Dudley were also running as normal, with the Dudley Group NHS Trust taking extra precautions with its IT security.

Theresa May said the cyber attack was part of a wider international attack and there is no evidence that patient data has been compromised.

Pictures posted on social media showed screens of NHS computers with images demanding payment of 300 US dollars worth of the online currency Bitcoin, saying: "Ooops, your files have been encrypted!"

It adds: "Maybe you are looking for a way to recover your files, but do not waste your time."

It demands payment in three days or the price is doubled, and if none is received in seven days the files will be deleted.

NHS Digital said IT systems had been affected by a ransomware attack using malware called "Wanna Decryptor".

An NHS Digital spokesman said: "This attack was not specifically targeted at the NHS and is affecting organisations from across a range of sectors.

"At this stage we do not have any evidence that patient data has been accessed.

"NHS Digital is working closely with the National Cyber Security Centre, the Department of Health and NHS England to support affected organisations and ensure patient safety is protected."

The SSTOP advised anyone needing to contact them in Cannock, Stafford and South Staffordshire areas to call 0787 654 7239.

What is Wanna Decryptor?

Wanna Decryptor is a piece of malicious software that encrypts files on a user's computer, blocking them from view and threatening to delete them unless a payment is made.

The virus is usually covertly installed on to computers by being hidden within innocent-looking emails containing links, which users are tricked into opening.

Once opened, the malware can install on to a system without the user's knowledge.

The virus is then able to encrypt files and block user access to them, displaying a pop-up window on-screen telling users they have been blocked and demanding payment - often via a digital currency such as Bitcoin.

Transactions through digital currencies such as Bitcoin are harder to trace as they do not involve a central banking system to process or confirm transactions, instead relying on other users to do so in a peer-to-peer system, which increases the chances of anonymity.

It is possible to remove ransomware such as Wanna Decryptor without payment by using advanced anti-malware software.

The malware can also be removed manually with a computer in "safe mode", however security experts warn this runs the risk of damage to a PC as users must go through sensitive system files in order to find and isolate files created by the Wanna Decryptor software.