Hospitals have been closed and operations have been cancelled as a result of a major cyberattack on the NHS.
At least 16 NHS organisations across England and Scotland have been affected.
It has plunged the British health service into chaos, with doctors forced to use pen and paper to work.
The NHS has declared a "major incident" in England.
Prime Minister Theresa May has confirmed the attack is part of a broader international cyberattack.
At least 99 other countries have reportedly been affected.
Around 1,000 computers at Russia's Interior Ministry have also been targeted, according to a ministry spokeswoman cited by Interfax.
This is a developing story. If you are an NHS employee, a patient, or have you been affected today, get in touch: firstname.lastname@example.org
LONDON — The National Health Service is in chaos across the United Kingdom as the result of a major cyberattack. Hospitals are being closed, operations are being cancelled, and patients are being turned away as at least 16 NHS organisations up and down the country struggle with "major" technical issues. A "major incident" has been declared across England by the NHS. (Per Sky, it might be as many as 40 affected.) NHS services from Barts in London to Liverpool say they are affected. Some employees are reporting that NHS computers have been hit with ransomware — malicious software that encrypts all all the data on a computer then demands a ransom to unlock it. Multiple NHS organisations are telling people not to come to A&E, and at least one is "postponing all non-urgent activity." There are also reports on Twitter of operations being cancelled due to the attack. "It's actually a nightmare" an NHS employee told Business Insider. "Everyone is phone calling all over the place and resorting back to paper to make sure people don't miss out." Barts Health in London is redirecting ambulances to other hospitals. Great Ormond Street children's hospital is also affected, a source says. In addition to hospitals, there are also reports of GP practices being affected. Initial reports focused on England, but Sky News is now reporting that GP surgeries in Scotland have been affected as well. The attack doesn't seem to be specifically targeting the NHS. Rather, it's part of a broader, international cyberattack. An as-yet unknown attacker used a leaked NSA exploit with the ransomware — and it has spread across at least 99 countries, from Spain to Japan, as a result. A Russian Foreign Ministry spokeswoman told Interfax that around 1,000 computers at its agency had also been affected.
In a statement, Prime Minister Theresa May confirmed the attack is international, and that there is no evidence patient data has been accessed. She said, per The Guardian:
"We are aware that a number of NHS organisations have reported that they have suffered from a ransomware attack.
"This is not targeted at the NHS, it’s an international attack and a number of countries and organisations have been affected.
"The National Cyber Security Centre is working closely with NHS digital to ensure that they support the organisations concerned and that they protect patient safety.
"And we are not aware of any evidence that patient data has been compromised.
"Of course, it is important that we have set up the National Cyber Security Centre and they are able to work with the NHS organisations concerned and to ensure that they are supported and patient safety is protected."
"Ooops, your files have been encrypted! Many of your documents, photos, videos, databases and other files are no longer accessible because they have been encrypted. Maybe you are busy looking for a way to recover your files, but do not waste your time. Nobody can recover your files without our decryption service," the message reads. Some security experts are reporting that the ransomware is spreading so quickly because it has been updated with Windows exploits created by NSA, the US spy agency. These were leaked online — and subsequently made their way into the hands of criminals.
The Guardian reports that the East and North Hertfordshire NHS trust said in a statement: "Today (Friday, 12 May 2017), the trust has experienced a major IT problem, believed to be caused by a cyber attack. "Immediately on discovery of the problem, the trust acted to protect its IT systems by shutting them down; it also meant that the trust's telephone system is not able to accept incoming calls. "The trust is postponing all non-urgent activity for today and is asking people not to come to A&E - please ring NHS111 for urgent medical advice or 999 if it is a life-threatening emergency. "To ensure that all back-up processes and procedures were put in place quickly, the trust declared a major internal incident to make sure that patients already in the trust’s hospitals continued to receive the care they need." NHS Mid Essex CCG is similarly asking patients: "do not attend A&E unless it's an emergency."