Exclusive: One in five trusts did not make critical security updates before cyberattack | News

At least 59 National Health Service (NHS) trusts did not fully cover a security vulnerability in their systems with Microsoft patches before the WannaCry ransomware attack in May, according to an analysis by Health Service Journal (HSJ). The failure to act followed a warning by NHS Digital’s CareCERT cyber defence team that the patch was critical against cyber threats. As many as 14,778 patient appointments and 850 operations were cancelled because of the attack, HSJ wrote.