Exclusive Latest figures suggest that around 1,500 medical procedures have been cancelled at some of London’s biggest hospitals in the four weeks since the Qilin ransomware attack hit pathology service provider Synnovis. But perhaps no individual has been as badly affected as Johanna Groothuizen.
Hanna – the name she uses – is now missing her right breast after her skin-sparing mastectomy and immediate breast reconstruction were replaced at the last minute with a simple mastectomy.
I never thought it would be a cyber attack from Russian hackers. That was not something I ever thought would happen
The 36-year-old research culture manager at King’s College London and former health sciences researcher was diagnosed with HER2-positive breast cancer in late 2023. It is an aggressive form known to spread faster and return more often, making treatment urgently needed.
Hanna began chemotherapy shortly after her diagnosis until she could hopefully undergo the first and only major procedure to remove the disease.
Between then and the surgery, which was scheduled for June 7 — four days after the ransomware attack was carried out — she had been told repeatedly that the planned procedure was a skin-sparing mastectomy, which would allow surgeons to cosmetically reconstruct her right breast immediately after the operation.
How the ordeal actually unfolded, however, was a different story. Hanna was given less than 24 hours by doctors to make the daunting decision to either accept a simple mastectomy or postpone a life-changing procedure until Synnovis’ systems were back online.
The decision was forced upon her on the Thursday afternoon before her Friday surgery, after she was forced to hound medical staff for updates on whether the procedure would go ahead at all.
On Tuesday of that week, the day after Qilin’s attack, Hanna was told that despite all the developments, the staff at St Thomas’ Hospital in London still planned to perform the skin-sparing mastectomy as previously agreed.
According to updates Hanna requested on Thursday, there was strong evidence that the surgery would be canceled. The hospital deemed the reconstruction portion of the procedure too risky because Synnovis could not support blood transfusions until its systems were back online.
The ransomware attack was not easy on hospitals. The situation was so bad that blood reserves were running out just a week after the attack, leading to an urgent call for O-type blood donations.
For Hanna, however, this meant that she had to make an unimaginably difficult choice between the surgery she wanted, or the surgery that would give her the best chance of survival.
The mother of two young children, aged four and two, felt she had no choice but to accept the simple mastectomy, which left her with just one breast.
When told that surgery was unlikely to happen, she reminded medical staff of her particularly aggressive cancer diagnosis and asked about her remaining options. She feared that the cancer would grow again after multiple rounds of chemotherapy.
“The options were to wait for the system to recover or to just do the mastectomy, and ultimately I chose to just do the mastectomy, so this was all very, very last minute,” Hanna said. The register.
“I had no idea when everything was going to be okay, the hospital had no idea – they couldn’t tell me, so yeah, ultimately I felt it was the only choice I could really make because it’s an aggressive cancer, I’ve got two young children, I don’t want to die. So yeah, that’s what I did.
“But then you wake up and suddenly you have no breasts anymore.”
With the little time the hospital gave her to make a choice, Hanna asked her friends and other breast cancer patients for advice. She got the universal idea that she should have the simple mastectomy to avoid unnecessary health risks.
From that moment on, everything about Hanna’s treatment changed. The length of her stay was now much shorter and the aftercare she was given changed because of the different procedure.
Hanna said she remembered a sense of urgency in the hospital at that time, particularly regarding her post-operative care, which she felt was somewhat rushed. The surgeon began giving her information about wound care immediately after she woke from general anesthesia. She was understandably sleepy and could not retain that kind of information, although the surgeon later apologized for this.
She doesn’t think the hospital panicked about the cyberattack, other than the rushed aftercare she experienced herself. She thinks that had more to do with the rapid change in procedure than the disruption Qilin caused.
Taking it into the bargain
Despite the terrible situation Hanna found herself in and the stress and anxiety it caused her, she seemed remarkably cheerful on the phone, all things considered.
In particular, she said she had no ill feelings towards the National Health Service (NHS) and that she felt the staff at St Thomas’ Hospital treated her well, with care and compassion.
“It’s difficult of course because it’s such a strange kind of event, and surgeries are being postponed – that’s all understandable, but of all the reasons you can think of, [for an operation to be canceled] “This was the last thing I ever considered,” Hanna said. “I never thought it would be a cyber attack from Russian hackers. That was not something I ever thought would happen.
“It’s just unforeseen. The people in the NHS are working very hard to make sure everyone gets the care they need.”
Before the incident impacted her care, Hanna was already aware of cybersecurity and previous attacks on the NHS, such as WannaCry in 2017. But Qilin’s work has made her delve much deeper into the topic.
Hanna believes the attack raises questions about the resilience of the UK’s public sector infrastructure.
“I think there is probably an issue around some sort of underfunding. I have noticed that in my care, particularly around the administration and things around it, and there may be issues around cybersecurity.
“While it was clear that an external company was the victim of this cyberattack, it still raises questions about cybersecurity and whether additional measures, protocols or backups should be put in place to deal with the situation to prevent these types of issues.”
One of the key objectives of the UK National Cyber Security Strategy (2022-2030) was to significantly improve the resilience of critical government functions, including the delivery of essential public services, to cyberattacks by 2025. However, there have been a number of events in recent months to suggest that this objective is still a long way off.
The recent attack on Synnovis is the latest reminder of what happens when mission-critical organisations are hacked, but the UK has seen several other attacks in the past 12 months that have caused significant disruption. From a crippling attack on the government-sponsored National Library, to a breach at the Ministry of Defence, a series of data protection blunders and the National Cyber Security Centre (NCSC) raising concerns about the state of critical infrastructure – the UK’s security posture needs to become more robust.
But that is now the job of Sir Keir Starmer and the Labour Party.
Hanna said she mostly blames Qilin, who had previously told her The register They were well aware that their attack would cause great unrest, as the events would leave her without breasts.
When asked what she would say to the members of Qilin if she ever met them, Hanna once again showed her strength in dealing with the difficult situation, shedding light on the matter with her humor.
“I would show them,” she joked, laughing. “I would show them a picture of what my body looks like now. This is what you did.
“But, gosh, what would you say to people like that? I think it’s really easy to do something like that from the safety of your computer, where you can almost distance yourself from it. You can pretend that these aren’t real people you’re dealing with.”
Road to recovery
Hanna’s surgery went well and she is now back home with her children. She is preparing for additional treatment after the surgery to ensure the cancer is completely eradicated.
Qilin: We knew our Synnovis attack would cause a health crisis in London hospitals
READ MORE
This means that in addition to a new round of chemotherapy, she will also receive a number of targeted therapies that target the specific HER2-positive type of cancer she has.
She also doesn’t rule out having breast reconstruction surgery in the future, but she says it will be another year before that is an option for her, as she still has to undergo treatment.
A month in
At the time of writing, it is almost five weeks since Qilin attacked Synnovis, a pathology services partnership between Synlab, Guy’s and St Thomas’ NHS Foundation Trust and King’s College Hospital NHS Foundation Trust.
The latest update from the NHS shows that there is still disruption to services in the region, although some services, such as outpatient appointments, are almost back to normal levels.
In the final week of data (24-30 June), 1,517 acute outpatient appointments and 136 elective procedures were postponed across the two NHS trusts working with Synlab. The total number of postponements for the whole month since the attack occurred (3-30 June) is 4,913 for acute outpatient appointments and 1,391 for elective procedures.
Dr Chris Streather, Medical Director of NHS London, said: “I am incredibly proud of the way the NHS in London continues to work to minimise the impact on patients. Staff are working hard to keep patients safe and deliver the high-quality care we strive to provide across the capital.”
He stressed that services were returning to almost normal and acknowledged the additional difficulties that last week’s strikes had brought to staff at affected hospitals.
Streather also noted that pathology services are now running at 54 percent of their capacity pre-ransomware attack.
A spokesperson for Guy’s and St Thomas’ NHS Foundation Trust said The register: “We deeply regret the impact the criminal cyberattack on our pathology provider, Synnovis, had on Johanna’s care and apologize for any inconvenience this may have caused.” ®