While prominent UK entities such as Heathrow Airport, Marks & Spencer, Jaguar Land Rover, and the British Library have recently fallen victim to cybercrime, the repercussions for the National Health Service (NHS) have proven far more severe, extending to the tragic loss of innocent lives. This stark reality was underscored in June when King’s College Hospital NHS Foundation Trust confirmed that a patient's unexpected death last year was directly linked to a cyberattack that severely crippled its services.

The incident involved ransomware, malicious software designed to freeze network access until a payment is made. Although the trust reportedly did not pay the ransom, an investigation into the patient’s death highlighted multiple contributing factors, notably “a long wait for a blood test result due to the cyberattack impacting pathology services.” This case is believed to be the first recorded instance of an NHS patient dying as a direct consequence of cybercrime, a grim precedent that experts fear will not be the last.

Professor Alan Woodward, a cybersecurity specialist at the University of Surrey, warns of the inevitability of further fatalities if essential services like the NHS continue to be targeted. He emphasizes that cybercriminals, being of the “worst kind,” do not choose targets to minimize harm but rather exploit the urgency of healthcare to coerce payments. Anecdotal evidence paints a troubling picture of relentless assault, with the NHS reportedly facing hundreds, if not thousands, of hacking attempts daily.

Dr. Saira Ghafur, digital health lead at the Institute of Global Health Innovation at Imperial College London, notes a significant surge in attempted attacks since the COVID-19 pandemic, driven by increased reliance on NHS digital systems. This trend is not confined to the UK; healthcare systems worldwide have seen a massive rise in attempted breaches. The IBM Cost of a Data Breach Report 2025 consistently identifies healthcare as the sector bearing the heaviest financial burden, with attacks costing hospitals an average of £5.5 million and taking nine months to contain.

The UK has experienced several high-profile breaches over the years. In 2017, nearly a third of England’s NHS trusts were affected when criminals demanded cryptocurrency. Although no ransom was paid, the incident led to the cancellation of almost 7,000 NHS appointments and incurred an estimated £92 million in IT repair costs. More recently, the 2024 attack that tragically resulted in a patient’s death targeted Synnovis, a pathology lab processing blood tests for NHS hospitals and GPs in southeast London. A Russian cybercrime group, Qilin, breached Synnovis’s systems, stealing data and halting test processing. This disruption affected King’s College Hospital, Guy’s and St Thomas’, and the Evelina London Children’s Hospital, forcing the cancellation of operations and blood tests. A subsequent review revealed over 10,000 disrupted appointments, five cases of “moderate harm,” and 114 instances of “low harm.” Furthermore, in March 2024, up to 150,000 patients’ private data was stolen and published on the dark web after NHS Dumfries & Galloway in Scotland refused to pay hackers.

Professor Woodward underscores the NHS’s profound dependence on IT systems, from appointment scheduling to test result delivery, explaining that any computer unavailability brings the entire process to a standstill. A 2023 report by the National Risk Register, which outlines external threats to Britain’s infrastructure, ominously stated that a “bug infiltration” in half of the NHS network would likely impact 100 percent of the service. Such an event, it warned, would have immediate consequences, including cancelled appointments, procedural delays, A&E diversions, and direct impacts on clinical care leading to patient harm.

Further substantiating these concerns, a 2024 study by the University of Minnesota found that mortality rates among hospitalized patients can rise by up to 41 percent during cyberattacks due to the unavailability of tests and treatments. The study estimated that between 2016 and 2021, 68 to 75 hospital patients in the US died as a direct result of cybercrime.

NHS England stated in July that it is bolstering its cybersecurity efforts, having invested £338 million over the past seven years. Its Cyber Security Operations Centre in Leeds continuously monitors new threats and attacker activity. However, Professor Woodward highlights the persistent challenge posed by sophisticated attackers using bots to constantly probe networks, akin to burglars “rattling door handles” until they find an unlocked one. He concludes that breaches are “inevitable” and therefore, the NHS must proactively “plan for failure” to mitigate the devastating consequences of future cyberattacks.