All the IT systems of the National Health Laboratory Service are down after an attempted cyber attack this weekend. (boonchai wedmakawand/Getty Images)

• The IT systems at the National Health Laboratory Service (NHLS) are down following an attempted cyberattack this weekend.
• Lab reports are being communicated to clinicians by telephone.
• The NHLS CEO said that client data is safe. 
• For more financial news, go to the News24 Business front page.

All the internal and external IT systems of the National Health Laboratory Service (NHLS) remain down following an attempted ransomware attack by an unidentified actor this past weekend.

“All our systems remain inaccessible both internally and externally, including to and from healthcare facilities, until the integrity of the environment is secured and repaired,” said Prof Koleka Mlisana, the CEO of the NHLS in a statement on Tuesday afternoon.

The NHLS has a huge network of laboratories that are used for testing in the public health sector.

The body is the only source of laboratory services for the public sector. Samples of body fluids, tissue, and cells are analysed to help detect, diagnose and treat diseases like AIDS and tuberculosis. 

While all the modalities are not known, it can be assumed that it would have to store and process some of the data from the test results to function.

Mlisana said that preliminary reports indicate that client information has not been leaked.

“All patient data is safe. The investigation indicated that a ransomware virus was utilised to target selected points in the NHLS IT systems, rendering them inaccessible and blocking communication from the LIS and other databases to and from users,” Mlisana said.

Damage done

The cyberattack was not without consequence, though, as Mlisana said that sections of the NHLS IT system had been “deleted” owing to the system shutdown.

“Sections of our system have been deleted, including in our backup server, and this will require rebuilding the affected parts. 

“Unfortunately, this will take time, and investigations thus far have not advanced enough for us to give a timeframe toward the restoration of our systems and full service,” said Mlisana.

Foster Mohale, a spokesperson at the Department of Health, told News24 that the department had been informed about the “unfortunate incident”.

Nomzamo Zondi, spokesperson for the Information Regulator, told News24 on Monday evening that the NHLS had not reported the incident at that stage.

“We will interact with the responsible party and the responses received from the responsible party will determine the way forward in terms of conducting investigation,” Zondi said.

The Information Regulator is responsible for enforcing the provisions of the Protection of Personal Information Act. Any entity that is aware of a security compromise that puts the personal information of its clients at risk must report the matter to the Information Regulator.

Mlisana claimed that all laboratories remain fully functional despite the status of the IT systems.

Instead of using the normal digital system to inform clinicians of lab test results, labs are communicating test results telephonically instead.

She said that the NHLS team was working around the clock to address the issues and ensure the continuity of service.