UK's National Health Service Hit in Global Ransomware Wave

Multiple outlets are reporting a wave of ransomware attacks affecting the UK’s National Health Service as well as other firms throughout the world.

AccessTimeIconMay 12, 2017 at 9:20 p.m. UTC
Updated Sep 11, 2021 at 1:19 p.m. UTC
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global hub for everything crypto, blockchain and Web3.Register Now

Multiple outlets are reporting a wave of ransomware attacks affecting the UK’s National Health Service (NHS) as well as other firms throughout Europe.

The attack is said to have impaired the hospital and health service network's ability to communicate, while patient records and other resources were unavailable as well. Ransomware is a kind of malicious software that locks up a computer, demanding a ransom – typically to be paid in bitcoin – in order to unlock the files.

Reports indicate that as many as 40 offices connected to NHS were impacted, though according to The Guardian, the UK hasn’t yet moved to confirm this figure. Prime Minister Theresa May issued a statement on the attack, declaring that no patient data is believed to have been compromised.

Outlets are reporting that more than a dozen countries – and as many as 74, according to one security firm – have been affected by the hacking tool. Cybersecurity firm Kapersky Labs has said that the majority of the attacks were directed toward Russia, and that available figures may not fully represent the scale of the impact.

Some of the companies impacted include shipping giant FedEx and Spanish telecommunications giant Telefónica.

According to The New York Times, the attack is believed to have been powered by a hacking tool originally developed by the US National Security Agency and published last month by a group known as the Shadow Brokers.

It remains to be clear whether the companies affected by the attacks will pay the requested ransoms – as much as $300 in bitcoin per machine, as reports indicate. Yet bitcoin addresses highlighted in the ransomware's code by Matthieu Suiche, founder of cybersecurity firm Comae Technologies, indicate that at least some people are paying the demanded ransoms.

Image via Shutterstock


Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.

Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to to register and buy your pass now.