South Africa’s government-run National Health Laboratory Service (NHLS) is recovering from a ransomware hack. This cyberattack disrupted its systems and deleted backup data.

Public health laboratory testing was delayed due to the NHLS’s digital infrastructure weaknesses. Labs are processing clinical samples, but physicians can not obtain test results online.

The NHLS estimates that recovering attack-compromised data may take weeks. They assured the public there was no breach of patient confidentiality. Lab test results have been delayed, straining emergency services and intensive care units.

Read also: Kaspersky launches comprehensive online Cybersecurity training

Cybersecurity Crisis: NHLS IT Systems Breached

The NHLS’s IT and backup systems were hacked on June 22, 2024. Thus, many healthcare practitioners cannot access lab test results and patient data. 

The NHLS diagnoses 80% of South Africans. Therefore, the cyberattack has had a significant impact on healthcare delivery. Due to the backlog of over 6.3 million unprocessed blood tests, primary medical operations have been delayed, putting patients in danger.

With over 265 laboratories nationwide, the NHLS automates public health facility test findings and makes them available online to healthcare practitioners. The cyberattack has disrupted this vital service, causing healthcare issues. 

The National Health Laboratory Service (NHLS) cybersecurity compromise delayed laboratory testing, particularly at the Gauteng health laboratory, on July 2, 2024, as cyberattacks persisted.

Ransomware Attack: NHLS Response and Recovery

The NHLS admits that the ransomware attack compromised its systems and deleted critical infrastructure and backup material. Rebuilding the impacted components will take time, and there is no deadline for system restoration. 

Read also: Lagos Launches Cybersecurity Operations Centre (CSOC)

The NHLS will call clinicians with key test results to mitigate the breach. Due to this stopgap solution, healthcare facilities, NHLS staff, and patients are concerned about the service’s reliability and future resilience.

Cybercriminals may be targeting South Africa more due to recent events. The ITAC was hacked in January 2024. In February 2024, the Companies and Intellectual Property Commission (CIPC) had another security breach. Cybersecurity goes beyond South Africa. 

On June 29, 2024, Kenyan healthcare providers had issues with the National Health Insurance Fund service site. Patients had to pay in cash owing to the digital service outage. These instances demonstrate the region’s growing cyber danger and the necessity for robust security to protect sensitive data and critical services.