• South Africa's National Health Laboratory Service (NHLS), a government-operated diagnostic pathology service, is recovering from a ransomware attack, which disrupted systems and deleted backups.

• This attack targeted vulnerabilities in the NHLS's infrastructure, causing delays in lab testing across public health facilities. 

• While all laboratories are now reportedly fully functional and processing clinical samples, physicians no longer have access to test results via the online portal.

The NHLS stated it would take a few weeks to restore breached data but assured the public that no patient data was compromised. The delays in lab test results have impacted emergency patients and put intensive care units at risk nationwide.

On June 22, 2024, the IT systems of the diagnostic service were hacked, compromising backup systems as well. This breach has rendered lab test results and patient information inaccessible to clinicians across many healthcare centres. 

As the primary provider of diagnostic pathology services for 80% of the population, this incident has severely hindered healthcare delivery. Nationwide, major operations are being postponed due to over 6.3 million unprocessed blood tests, posing health risks to patients who require these results to monitor their conditions. 

The NHLS, which operates over 265 laboratories nationwide, typically processes these test results automatically from public health facilities and makes them available online. 

On July 2, 2024, reports showed that the cybersecurity breach caused delays in lab tests at the Gauteng health lab amid ongoing attacks on the NHLS. 

Meanwhile, the NHLS has confirmed that a ransomware attack caused a significant breach, deleting sections of their system including backups. Rebuilding these parts will take considerable time, with no clear timeline for full restoration yet determined. 

In response, urgent results will be communicated via telephone to clinicians temporarily. This situation has raised concerns among healthcare centres, NHLS staff, and patients about the service's operational continuity.

South Africa appears to be a prime target for cybercriminals lately. In January 2024, the International Trade Administration Commission of South Africa (ITAC) suffered a cyber attack. Similarly, in February 2024, the Companies and Intellectual Property Commission (CIPC) also experienced a security breach.

What’s more, healthcare providers in Kenya experienced technical issues with the National Health Insurance Fund (NHIF) service portal on June 29, 2024, forcing patients to resort to cash payments instead.