Cyber Security Blog

Ransomware Attack Contributed to Patient's Death: A Wake-Up Call for Health-Tech and Healthcare

Written by Craig Pepper | Jul 2, 2025 7:00:00 AM

A Cyberattack with Tragic Consequences

In June 2025, the UK’s National Health Service (NHS) confirmed that a cyberattack contributed to a patient’s death. The Qilin ransomware gang targeted Synnovis, an NHS pathology provider, disrupting blood testing services across London hospitals. As a result, one patient at King’s College Hospital suffered a fatal delay in receiving critical results.

This incident—believed to be the first NHS-related fatality linked directly to a cyberattack—highlights the life-or-death impact of cybersecurity in the healthcare sector.

The broader impact was extensive: nearly 170 patients suffered harm, thousands of appointments and procedures were cancelled, and Synnovis refused a $50 million ransom. Nevertheless, the attack caused over £32 million in damages and resulted in sensitive patient data being published on the dark web.

Reports cite over 1,100 delayed cancer treatments, 2,000 cancelled outpatient appointments, and more than 1,000 postponed operations. Blood testing services were so heavily disrupted that clinicians were forced to rely on universal O-type blood for all transfusions, contributing to a national shortage of this critical blood type.

According to Deryck Mitchelson, former Chief Information Security Officer for NHS Scotland, the NHS’s reliance on a vast web of third-party providers created a vulnerability. He emphasised that the weakest link in the system—often a third-party supplier—can compromise patient safety when cyber security is insufficient. As he rightly pointed out:

“The attack wasn't just on IT infrastructure—it was an attack on patient care.”

Why Cyber Security Matters in Healthcare

The healthcare sector is a prime target for cybercriminals due to its sensitive data and critical services. Criminals know that healthcare providers operate under immense pressure and may pay ransoms to prevent harm to patients.

Between 2015 and 2022, over 30% of reported data breaches occurred in healthcare [1]. The sector now faces the highest average cost of a breach, approximately $10 million. But beyond the financial damage lies a more critical threat: patient safety.

Cyberattacks can delay diagnosis, disrupt operations, and even compromise the function of medical devices. Whether it’s a ransomware outbreak like WannaCry in 2017 or more recent tragedies, it is increasingly clear that cybersecurity is a patient safety issue, not merely a technical concern [2].

For digital health and medtech companies, the risks are just as acute. Apps, APIs, and connected medical devices all represent potential attack surfaces. Without adequate protections, a compromised device or cloud service could lead to both regulatory violations and patient harm. Medical device security, digital health security, and health tech security must be prioritised at every level of development and delivery.

The Role of Compliance: ISO 27001, HIPAA, and MDR

Security frameworks and regulations are essential in helping organisations safeguard against such incidents. For healthtech firms, the following standards are particularly relevant:

  • ISO/IEC 27001 – This international standard provides a structured approach to information security management. Certification ensures that organisations actively identify, mitigate and monitor risks, while maintaining a culture of continual improvement.

  • HIPAA – In the United States, the Health Insurance Portability and Accountability Act enforces strict standards for handling personal health data. HIPAA compliance requires robust administrative, physical, and technical safeguards.

  • Medical Device Regulation (MDR) – The EU MDR explicitly includes cybersecurity requirements for medical devices, mandating built-in protections against unauthorised access and data breaches.

Compliance with these standards doesn’t just reduce legal risk—it directly strengthens cyber resilience. Regular audits, secure design, incident preparedness, and data protection are cornerstones of these frameworks.

Practical Steps to Improve Security

Healthtech companies can reduce their exposure to cyber threats through proactive measures, including:

  • Risk assessments and audits – Identify vulnerabilities before attackers do. Penetration testing and gap analysis are especially useful.

  • Employee training – Human error is a leading cause of breaches. Equip your team to spot phishing attempts and follow secure practices.

  • Multi-factor authentication – Protect logins with more than just a password. Enforce least-privilege access across all systems.

  • Patch management – Keep software and firmware up to date to prevent exploitation of known vulnerabilities.

  • Encryption and backups – Secure sensitive data both at rest and in transit. Maintain secure, isolated backups and test recovery procedures.

  • Incident response planning – Know what to do if a breach occurs. Define responsibilities, test your plan, and ensure regulatory reporting is covered.

  • Third-party risk management – Ensure suppliers and partners meet your cybersecurity standards. Include clear expectations in contracts.

By implementing these measures, healthcare organisations build multi-layered defences that help to prevent attacks and mitigate their impact when incidents occur.
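The "test recovery procedures" step above is the one most often left as a line in a policy rather than something actually exercised. The following is an added example, not code from the original post or from Synnovis or the NHS: a small restore-test helper that records a SHA-256 manifest of a backup set and then checks a restored copy against it, reporting files that came back altered, files the restore skipped, and stray files that were never in the backup. The file names and contents are constructed sample data; the manifest would in practice be taken at backup time and kept separately from the backup so a compromised backup cannot also rewrite its own checksums.

```python
"""Restore-test helper: verifies that files recovered from a backup match the
checksum manifest recorded when the backup was taken.

Added example for the "test recovery procedures" step; it is not code from the
original post. File names and contents below are constructed sample data.
"""
import hashlib
import json
import tempfile
from pathlib import Path


def build_manifest(backup_root: Path) -> dict:
    """Walk a backup directory and record the SHA-256 digest of every file,
    keyed by its path relative to the backup root."""
    manifest = {}
    for path in sorted(backup_root.rglob("*")):
        if path.is_file():
            rel = path.relative_to(backup_root).as_posix()
            manifest[rel] = hashlib.sha256(path.read_bytes()).hexdigest()
    return manifest


def verify_restore(restore_root: Path, manifest: dict) -> dict:
    """Compare a restored tree against the manifest taken at backup time.

    Returns three sorted lists: files whose content differs, files the restore
    is missing, and files present in the restore but absent from the backup.
    """
    restored = build_manifest(restore_root)
    return {
        "modified": sorted(f for f in manifest
                           if f in restored and restored[f] != manifest[f]),
        "missing": sorted(f for f in manifest if f not in restored),
        "unexpected": sorted(f for f in restored if f not in manifest),
    }


def restore_is_clean(report: dict) -> bool:
    """A restore passes only if every list in the report is empty."""
    return not any(report.values())


def demo() -> dict:
    """Simulate a backup, a partially failed restore, and the verification run.

    Everything here is constructed for illustration; in practice build_manifest()
    runs at backup time and the manifest is stored off the backup medium.
    """
    with tempfile.TemporaryDirectory() as tmp:
        backup = Path(tmp, "backup")
        restore = Path(tmp, "restore")
        for root in (backup, restore):
            (root / "lab").mkdir(parents=True)

        # Original backup set (constructed sample data).
        (backup / "lab" / "results.csv").write_text("sample,value\nA1,4.2\n")
        (backup / "lab" / "schema.sql").write_text("CREATE TABLE results (id INT);\n")
        (backup / "config.ini").write_text("[db]\nhost=localhost\n")
        manifest_json = json.dumps(build_manifest(backup))  # stored off-site

        # Restore that silently truncated one file, skipped another and left
        # behind a scratch file that was never part of the backup.
        (restore / "lab" / "results.csv").write_text("sample,value\n")
        (restore / "config.ini").write_text("[db]\nhost=localhost\n")
        (restore / "lab" / "leftover.tmp").write_text("")

        return verify_restore(restore, json.loads(manifest_json))


if __name__ == "__main__":
    report = demo()
    print("restore OK" if restore_is_clean(report) else f"restore FAILED: {report}")
```

Run on a real restore drill, the same two calls replace the constructed files: take the manifest from the stored copy, point `verify_restore` at the recovered tree, and treat anything other than an all-empty report as a failed test of the recovery procedure rather than a passed one.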

Don’t Wait for a Crisis

The Qilin attack is a reminder that cybersecurity and compliance are essential, not optional, in modern healthcare. For medical device and digital health companies, the question is no longer if you will face a cyber threat, but when.

Now is the time to take action.

Book a meeting with our team to assess your cybersecurity readiness. Whether you need to align with ISO 27001, reinforce MDR compliance, or protect patient data against ransomware, we’ll help you build a robust security posture that protects your business—and your patients.

1. IBM Security. “Cost of a Data Breach Report 2023.” https://www.ibm.com/reports/data-breach

2. National Audit Office. “Investigation: WannaCry cyber attack and the NHS.” 2018. https://www.nao.org.uk/report/investigation-wannacry-cyber-attack-and-the-nhs/