Patient died 'unexpectedly' after cyber attack on NHS

The death of a patient has been linked to a cyber attack on the NHS.

The attack last year saw 1,100 cancer treatments delayed, 2,000 outpatient appointments cancelled and more than 1,000 operations postponed.

Now, the first death of a patient linked to the attack has been confirmed by King's College Hospital NHS Foundation Trust.

"One patient sadly died unexpectedly during the cyber attack," said a spokesperson.

"The patient safety incident investigation identified a number of contributing factors that led to the patient's death.

"This included a long wait for a blood test result due to the cyber attack impacting pathology services at the time.

"We have met with the patient's family, and shared the findings of the safety investigation with them."

IT company Synnovis, which provides blood test services primarily in southeast London, was the victim of a ransomware attack, understood to be carried out by the Russian group Qilin, on 3 June last year.

The hospital trusts affected were Guy's and St Thomas', King's College, and Lewisham and Greenwich, along with primary care across six boroughs and two mental health trusts.

Read more from Sky News:Doctors using unapproved AI to record patient meetingsMinecraft users targeted by cyber criminals

The healthcare providers were unable to do work involving transfusions or blood matching and were forced to use the universal O-type blood for everyone.

This, in turn, contributed to a national shortage of O-type blood supplies, according to NHS England.

Sensitive data stolen from an NHS provider in a cyber attack was apparently published online.

"The death now confirmed is tragic, but it is not surprising," said Deryck Mitchelson, a former chief information security officer for NHS Scotland, who now holds the same role at cyber security firm Check Point.

He added: "The NHS is critically reliant on a complex network of suppliers and service providers. But that means we are only ever as secure as the weakest link in the chain.

"To those behind these attacks: this wasn't a faceless act. It wasn't just systems or data you targeted - it was care. It was people. One of them has now lost their life. That should weigh heavily."