Some NHS bodies still in process of ‘reconnecting’ six months on from cyberattack on IT systems supplier

Written by Sam Trendall on 6 February 2023 in News

Minister reveals that fallout continues to affect platforms and data

Credit: Darwin Laganzon/Pixabay

Six months on from a major cyberattack on a key software supplier, some NHS organisations are still yet to reconnect to impacted systems, a minister has revealed.

On 4 August, a ransomware attack targeted at Advanced affected the a number of the vendor’s products, including the Adastra patient-management platform used to support the urgent-care treatment of up to 40 million people in the UK, and the Carenotes electronic patient records system used by 40,000 doctors.

In the half-year that has elapsed since the incident, government and the NHS has “have worked closely with Advanced to restore services”, according to health and secondary care minister Will Quince. But some health-service bodies are still suffering the fallout, he indicated.

“The majority of NHS services have now been reconnected and we are supporting the few NHS organisations still undergoing reconnecting,” Quince said. “All but one of the affected mental health providers have now been reconnected and are in the restoration phase.”

Related content

The minister – who was answering a written parliamentary question from Labour’s shadow mental-health minister Dr Rosena Allin-Khan – said that the cyber assault has affected the process of gathering the statistics that comprise the NHS’s national Mental Health Services Data Set (MHSDS).

“The MHSDS monthly publication has been reclassified as experimental statistics to reflect this,” he said. “Caveats are included on the publication page to warn users when interpreting the data. The NHS Digital data liaison service and data quality teams are in regular communication with providers and continue to monitor the impact on submissions and reporting.”

As well as patient records and care-management platforms, other Advanced products impacted by the incident included: the Odyssey product for supporting clinical decision-making; Staffplan, a service for managing staff rotas, as well as recruitment and payroll; the public sector-focused eFinancials system; the Caresys care home-management tool; and Crosscare, a clinical-management program for the private care providers and hospices.

In the most recent update to an FAQ document posted on a page on its website dedicated to the attack, Advanced said: “In the time since the attack, we have progressed our recovery and restoration efforts with respect to affected systems. We have been working with the NHS and the NCSC (National Cyber Security Centre) to validate the additional security measures we have put in place.”


About the author

Sam Trendall is editor of PublicTechnology. He can be reached on

Share this page




Please login to post a comment or register for a free account.

Related Articles

NHS long-term cyber strategy sets out plan to ramp up workforce and ‘defend as one’
23 March 2023

Government sets out vision for improving resilience of health and social care sector by the end of the decade

NCSC probes TikTok amid reports of imminent ban of government devices
16 March 2023

Security minister confirms intelligence agency is investigating the video app

Army seeks tech training proposals for recreating combat
8 March 2023

Military research unit announces £2.8m competition for ‘disruptive ideas and concepts’

‘This will define the future of warfare’ – parliamentary committee probes AI weapons
7 March 2023

Peers to examine possible uses of autonomous weapons, as well as their legal and ethical ramifications