A cyber-attack on a major IT provider of the NHS has been confirmed as a ransomware attack, according to reports by the BBC.
Advanced, which provides digital services like patient check-in and NHS 111, says it may take three to four weeks to fully recover.
Ransomware hackers take control of IT systems, steal data and demand a payment from victims to recover.
The NHS insists that disruption is minimal, but Advanced would not say whether NHS data had been stolen.
The Birmingham-based firm says it first spotted the hack at 07:00 BST on 4 August and immediately took steps to contain the hackers. It is now working to restore services.
The company refused to say if it was in negotiations with hackers or paying a ransom to them.
An NHS England spokesperson said: “While Advanced has confirmed that the incident impacting their software is ransomware, the NHS has tried and tested contingency plans in place including robust defences to protect our own networks, as we work with the National Cyber Security Centre to fully understand the impact.”
An NHS staff member said the attack had left them without notes for some patients’ medical histories, adding that local NHS Trusts had been forced to set up alternative plans to rectify problems.
The National Cyber Security Centre, which is part of GCHQ, said it was working with Advanced to help it recover.
A NCSC spokesman said: “Ransomware is the key cyber-threat facing the UK, and all organisations should take immediate steps to limit risk by following our advice on how to put in place robust defences to protect their networks.”