The NHS was hit with a near-£100m bill following the fallout of the WannaCry cyber attack last year.

The breach, which affected computers worldwide last May, severely disrupted services and left thousands of appointments cancelled.

Figures revealed for the first time by the Department of Health and Social Care on Thursday show a total cost of £92m to the NHS.

Lost output of patient care caused by reduced access to information and the necessary systems cost the health service an estimated £19m in the seven days following the cyber attack.

IT support during the attack was also costed at approximately £500,000 – and the support provided in the two months afterwards cost an estimated £72m.

The health department warned the figures were only estimates, as obtaining the real costs would “impose a disproportionate financial burden on the system”.

The WannaCry attack saw data on infected computers encrypted – and users were issued with a ransom demand to unlock their devices.

It was described as “relatively unsophisticated” by the public accounts committee, which warned future breaches could be more sophisticated.

The committee said: “We recognise that at the time of the attack the focus would have been on patient care rather than working out what WannaCry was costing the NHS.

“However, an understanding of the financial impact on the NHS is also important to assess the seriousness of the attack and likely to be relevant to informing future investment decisions in cyber security.”

The health department said it had agreed £150m of investment in cyber security over the next three years.

Last month, a North Korean man was identified as the member of a group behind the cyber attack.

US authorities said Park Jin Hyok was part of the state-sponsored “Lazarus Group”, which was allegedly responsible for hacks on Sony Pictures and the theft of $81m (£62m) from a bank.

Leave a Reply

Your email address will not be published. Required fields are marked *