The National Health Laboratory Service (NHLS) has confirmed that it experienced an information technology (IT) security breach this past Saturday — due to a cyber attack — compromising its systems and infrastructure.
A finding from the NHLS preliminary investigation, however, suggests that no patient data has been lost or compromised.
‘All patient data is safe. The investigation indicated that a ransomware virus was utilised to target selected points in the NHLS IT systems, rendering them inaccessible and blocking communication from the laboratory information system and other databases to and from users,’ the NHLS said.
The organisation’s systems remain inaccessible both internally and externally, including to and from healthcare facilities until the integrity of the environment is secured and repaired.
‘All users will be aware that the NHLS networked laboratory system is heavily reliant on these information technology systems that have been disrupted.
‘It has been established that sections of our syst
em have been deleted, including in our backup server and this will require rebuilding the affected parts. Unfortunately, this will take time and investigations thus far have not advanced enough for us to give a timeframe toward the restoration of our systems and full service,’ the NHLS said.
Stakeholders and the public will be informed as soon as more information becomes available.
‘The cyber attacks did continue but we have been able to block these because of the additional layer of security that was built to prevent further damage. We also have had to shut down systems to enable us to repair the damage.’
In response to the breach, the NHLS said it swiftly activated its incident response team, which included both internal experts and external cybersecurity professionals.
‘It must be emphasised that the NHLS’ responsibility is to ensure business continuity and quality service delivery.
However, the institute stated that all of its laboratories are currently fully functional and are receiving and processi
ng clinical samples.
Under normal circumstances, the laboratory reports are automatically generated and sent to clinicians or made available on web view, but the incident has disabled that functionality.
‘However, all urgent results are communicated telephonically to requesting clinicians.’
The organisation has acknowledged the inconvenience that this disruption may have caused, for which they apologised.
‘The NHLS Board under the leadership of Professor Eric Buch and the executive leadership team, led by the CEO, Professor Koleka Mlisana, are working around the clock to address this unfortunate incident and ensure the continuity of our services.’
The NHLS is a government diagnostic pathology service responsible for supporting health departments.
Source: South African Government News Agency