Ransomware attack at National Health Laboratory Service

Posted on

The National Health Laboratory Service (NHLS) recently experienced a significant security breach resulting from a ransomware attack that compromised its IT systems and infrastructure. The incident, which occurred over the weekend, has rendered many of the NHLS’s internal and external systems inaccessible.

According to NHLS spokesperson Mzi Gcukumana, the preliminary investigation indicates that the ransomware virus targeted specific points within the NHLS’s IT systems, blocking communication from the Laboratory Information System (LIS) and other databases to users. Despite this, the NHLS’s Enterprise Resource Planning (Oracle) environment, LIS (TrakCare) database, and Central Data Warehouse were not affected, ensuring that no patient data was lost or compromised. “All patient data is safe,” Gcukumana said.

The ransomware attack has significantly impacted the NHLS’s service delivery, which relies on its networked laboratory system.

The NHLS, South Africa’s diagnostic pathology service for public healthcare facilities, operates a network of 265 laboratories that process clinical samples to diagnose and treat diseases such as AIDS and tuberculosis. Due to the breach, sections of the IT system, including the backup server, were deleted. This will require a thorough rebuilding process, the timeline for which is currently unknown.

NHLS chief executive Professor Koleka Mlisana said the breach affected the data centres and caused the NHLS’s website to go down. Despite this, all NHLS laboratories remain fully functional and continue to receive and process clinical samples.

However, the usual automated digital system for sending laboratory reports to clinicians is disabled. Consequently, urgent results are being communicated telephonically, and other results are manually printed and distributed.

The full scope of the breach was still being investigated, with the NHLS prioritising the restoration of vital services and ensuring the security and integrity of its data.

The organisation acknowledged the significant disruption caused and was focused on restoring full functionality as swiftly as possible.

Mlisana said the NHLS team is dedicated to maintaining service continuity and addressing the incident’s aftermath comprehensively.