BBC News

Who was hit by the NHS cyber-attack?

image copyrightEPA

NHS services across England and Scotland were hit by a large-scale cyber-attack on Friday. By Saturday afternoon, Home Secretary Amber Rudd said most NHS trusts were back to normal but six were still experiencing problems. Here is a list - last updated on Saturday afternoon - of all of the services that we know that were affected. For subsequent information, check directly with local NHS websites.


Bedford Hospital confirmed it had not been directly affected but as "a precautionary measure" had disconnected from its external computer systems.


The Royal Berkshire Hospital confirmed the IT system used for discharges had been affected, so staff reverted to paper. However, the patient records system was not affected. The hospital said patient safety is not being compromised, but warned people to expect some delays.


The Cheshire and Wirral Partnership NHS Foundation Trust said it had experienced "significant IT disruption". The East Cheshire NHS Trust said some areas had experienced disruption.

County Durham

The North Tees and Hartlepool NHS Foundation Trust, which includes the University Hospital of Hartlepool and University Hospital of North Tees, said its district nurses had been unable to access their computer system.


It is understood that the NHS Cumbria Clinical Commissioning Group (CCG) was told to switch off all its IT systems. It is not clear whether GP surgeries were affected.

North Cumbria University Hospital Trust, which includes Cumberland Infirmary in Carlisle, the West Cumberland Hospital in Whitehaven, and the maternity service at Penrith Community Hospital, confirmed on Twitter that its hospitals had been affected but were "working as normal".

The Cumbria Partnership Foundation NHS Trust, which runs 60 community and mental health services across the county, confirmed in a statement it had been affected, with all staff being told not to turn on their computers or laptops even at home unless advised by their manager. The trust had asked patients to consider using alternative services for treatment if it was not urgent.


Derbyshire Healthcare NHS Trust said it had not been affected by the attack, but did switch off its IT systems.

North Derbyshire CCG said it had taken action, but GP surgeries in the area told the BBC they had not been affected.

Southern Derbyshire CCG also told all of its GP surgeries to switch off their IT systems.


Plymouth Hospitals NHS Trust said it had been affected but most of its systems were working.


Colchester Hospital University NHS Foundation Trust, which includes Colchester General Hospital and Essex County Hospital, confirmed it had been affected by the attack to BBC Essex.

Mid Essex Hospital Services NHS Trust released a statement saying that their hospitals - Broomfield Hospital, St Michael's Hospital, St Peter's Hospital and Braintree Community Hospital - had been affected. It had asked people not to attend A&E unless they had a life threatening condition or emergency.


Hampshire Hospitals NHS Foundation Trust, which includes Andover War Memorial Hospital, Basingstoke and North Hampshire Hospital, and the Royal Hampshire County Hospital, was affected. A statement from the Trust confirmed there had been no loss of patient or other data but X-ray facilities and a small number of computers linked to CT scanners at Basingstoke and North Hampshire Hospital had been affected. The Royal Hampshire County Hospital, in Winchester, and Andover War Memorial Hospital have not been affected. The Trust said it had not cancelled any clinics or operations.


East and North Hertfordshire NHS Trust, which includes Lister Hospital, Hertford County Hospital, Mount Vernon Cancer Centre and the New QEII Hospital, said it had had "a major computer problem" affecting both clinical and non-clinical systems including its telephones. The Trust said non-urgent blood tests would not be carried out at the Lister or New QEII hospitals and had asked patients to only come to A&E if it was absolutely essential and to call NHS 111 for other conditions.


Hull and East Yorkshire NHS Hospitals Trust, including the Hull Royal Infirmary and Castle Hill Hospital, confirmed it had been affected. A spokesperson for the Trust said, while they had detected the malware, it had "not had a significant impact on our organisation". All incoming email and all web mail was blocked, but no patient systems had been affected.

Greater Manchester

NHS Heywood, Middleton And Rochdale CCG said they had put continuity plans into place, with GPs using paper back-up.

Other organisations affected include the Trafford Hospitals Trust, Wigan Hospitals Trust, Manchester Royal Infirmary (part of the Central Manchester University Hospitals NHS Foundation Trust), Bolton CCG and Bury CCG.


East Lancashire NHS Trust confirmed via its Twitter account that all of its hospitals had been affected and their IT teams had been working to fix the issues.

Morecambe Bay NHS Trust also confirmed IT problems on Twitter and had asked people not to attend A&E unless it was an emergency.

A Blackpool CCG spokesman confirmed to the BBC the attack had shut down the majority of their systems, affecting GPs, hospitals and walk-in centres. He said they believed it got onto their computers via the Lancashire NHS network and had blocked access to their patient records system, called EMIS.

Blackpool Teaching Hospitals NHS Foundation Trust said "an ongoing IT issue" had affected its computer systems across Blackpool, Fylde and Wyre. It advised patients to avoid the A&E department at Blackpool Victoria Hospital if it was not urgent.

Waterloo Medical Centre in Blackpool told the BBC it had been affected by the attack.

Lancashire Teaching Hospital NHS Trust confirmed its hospitals had been affected, including Royal Preston Hospital and Chorley Hospital. It cancelled many outpatient appointments and planned procedures over the weekend. The Trust added it would be in touch with patients to rearrange any cancelled appointments.


Barts Health NHS Trust, which includes Barts Hospital, the Royal London Hospital and Whipps Cross University Hospital, had been affected by the attack.

It is the largest trust in the country and cancelled all outpatient appointments at its hospitals on Saturday.

Barking, Havering and Redbridge University Hospitals NHS Trust said on Twitter it had taken its email systems offline and advised its patients that unless it was an emergency "you can self-care for more minor ailments".

Imperial College NHS Trust said it had not been affected but it had taken some IT systems offline as a precaution.

The BBC also understands that West Middlesex Hospital was affected.


Lincolnshire Partnership NHS Foundation said it had been affected - its IT systems had been down and some phone lines were made unavailable.

United Lincolnshire Hospitals Trust, which includes Grantham Hospital, Lincoln County Hospital and Pilgrim Hospital, was affected. The Trust's chief operating officer, Mark Brassington, said all IT systems and many phone lines had been switched off, and some emergency cases had to be diverted to other local hospitals. It said all outpatient, endoscopy, cardiology and radiology appointments scheduled for the weekend had been cancelled.

Northern Lincolnshire and Goole NHS Foundation Trust confirmed it had been affected and had advised people to only go to A&E if it was urgent.


Liverpool Community Trust confirmed its website had been down with some IT systems affected and GP surgeries in the city had to revert to using paper.

Liverpool Heart and Chest NHS Foundation Trust's website went down on Saturday.

Liverpool Women's NHS Trust said it had disconnected its external IT connections as a precaution but said its patient services had not been directly affected.

Mersey Care NHS Trust said on Twitter its website, phones and email had gone down.

Royal Liverpool and Broadgreen University Hospitals NHS Trust turned off its systems as a precaution, but was not directly affected.

Southport and Ormskirk Hospital NHS Trust was also hit and had asked people with outpatient appointments on Saturday not to attend, promising to call on Monday to rearrange. It had asked people to avoid A&E if possible.


James Paget University Hospitals Foundation Trust was hit by the attack with all weekend appointments cancelled.


Kettering General Hospital NHS Foundation Trust had said all external IT systems, including email and its websites had been taken offline and was advising patients to avoid A&E unless it was urgent.

Northampton General Hospital NHS Trust confirmed it had been affected and that some systems were still down on Saturday morning, it had advised patients to avoid using A&E unless it was an emergency.

Northamptonshire Healthcare NHS Foundation Trust said it had shut down some of its IT systems as a precaution.


Northumbria Healthcare NHS Foundation Trust, which includes Alnwick Infirmary, Berwick Infirmary, Blyth Community Hospital, Haltwhistle War Memorial Hospital, Hexham General Hospital, Morpeth NHS Centre, North Tyneside General Hospital, Northumbria Specialist Emergency Care Hospital, Rothbury Community Hospital, the Whalton Unit and Wansbeck General Hospital, was affected, it had asked people to avoid A&E where possible.

Northumberland, Tyne and Wear NHS Foundation Trust said it had been affected.


Nottinghamshire Healthcare NHS Foundation Trust said it had been affected - some of its phone lines and email systems were made unavailable.

Sherwood Forest Hospitals NHS Foundation Trust confirmed it had shut some of its IT systems as a precaution.


Yeovil Health Centre, a GP practice, had asked its patients to avoid using its walk-in service if their condition was not urgent or could be dealt with next week.


NHS Ayrshire and Arran, NHS Borders and NHS Dumfries and Galloway, including Dumfries and Galloway Royal Infirmary and Galloway Community Hospital, also confirmed that they were affected.

NHS Greater Glasgow and Clyde said four GP practices had experienced disruption to IT systems, but the rest of the area was unaffected.

NHS Grampian, NHS Fife and NHS Highland were all affected.

NHS Forth Valley confirmed that a small number of GP and dental practices had been affected, but remained open.

NHS Lanarkshire closed its non-essential networked IT systems on a temporary basis after being affected by the attack. All their sites remained open, but they did ask members of the public only to attend hospital for emergency treatment.

An NHS Western Isles spokeswoman confirmed they had been affected but could not confirm to what extent.

NHS Tayside had been affected.

The Scottish Ambulance Service confirmed it had been affected.


Burton Hospitals NHS Foundation Trust said it had closed its IT systems as a precaution and urged patients to avoid A&E unless it was an emergency.

The walk-in centre in Hanley, Stoke on Trent was affected.

North Staffordshire Combined Healthcare NHS Trust said it had been affected but no patient data had been accessed, stolen, misused or lost.

University Hospitals of North Midlands said they took precautionary measures. A spokesman for the Trust, which runs Royal Stoke and County Hospital in Stafford, said at the time: "Certain services within UHMN are currently unavailable. This is having minimal impact on clinical services. Staff and partners will be kept fully informed throughout the disruption." People were asked to stay away from A&E if possible.

Staffordshire and Stoke-on-Trent Partnership Trust said it had been affected and its IT systems were down for a time.


Surrey and Sussex Healthcare NHS Trust said it was unaffected but had temporarily shut down its systems as a precaution.

West Midlands

Birmingham Community Healthcare NHS Foundation Trust confirmed it had been affected.

George Eliot Hospital NHS Trust said it had shut down a number of its systems as a precaution.


York Teaching Hospitals NHS Trust said it had been significantly affected and experienced "major IT issues". The Trust had asked patients to think twice about visiting A&E.

Scarborough and Ryedale CCG had told all of its GP practices to shut down their IT systems as a precaution and to make appointments with pen and paper.

Related Topics

  • Cyber-attacks
  • GP

More on this story

  • How cyber-attack is disrupting NHS