The National Health Laboratory Service (NHLS), South Africa’s key government diagnostic pathology organization, is grappling with a severe disruption following a ransomware attack that has destroyed backups and continues to impact operations.
This cyberattack, which exploited vulnerabilities in NHLS infrastructure, has caused significant delays in laboratory testing at public health facilities.
Despite all laboratories currently operating at full capacity and handling clinical samples, doctors are unable to access test results online.
While reassuring the public that no patient data had been exposed, the NHLS stated that it would take a few weeks to retrieve the damaged data. The delays in laboratory test results have affected emergency patients and increased the risk to intensive care units nationwide.
The IT systems of the diagnostic department were breached on June 22, 2024, compromising backup systems. As a result, clinicians in numerous health centers have been unable to access patient information and laboratory test results.
Given that NHLS serves 80% of the population as the primary source of diagnostic pathology services, this incident has significantly impeded healthcare delivery.
More than 6.3 million unprocessed blood test results are causing important operations across the nation to be postponed, endangering the health of patients who rely on these data to monitor their conditions.
These test results from public health facilities are typically processed automatically by the NHLS, which oversees more than 265 laboratories nationwide, and made available online.
However, as of July 2, 2024, reports indicate that laboratory tests at the Gauteng Health Laboratory have been delayed due to a cybersecurity compromise, coinciding with ongoing attacks against NHLS.
The NHLS has acknowledged that the ransomware attack resulted in a serious breach that erased parts of the system, including backups.
There is currently no set timeline for a complete restoration, and rebuilding these systems will require a significant amount of time. In response, clinicians will be temporarily notified by phone of urgent results.
Patients, NHLS staff members, and health centers are concerned about the service’s ability to continue operating under these circumstances. The impact of the cyberattack on South Africa’s healthcare system underscores the critical need for robust cybersecurity measures to protect essential health infrastructure.