This article is more than 1 year old

Major IT outage forces UK emergency call handlers to use 'pen and paper'

Suspected cyberattack at Advanced takes down part of server estate that hosted range of apps

Updated Tech services provider Advanced has taken part of its infrastructure offline as it tries to contain a suspected security incident, with a range of hosted applications not available to health customers, including NHS 111 emergency services.

The outage began yesterday morning and isn't expected to be resolved until early next week at the earliest, several sources told The Register. According to Digital Health, Advanced has 36 NHS clients that are servicing thousands of healthcare professionals.

Advanced's status page said yesterday it had "identified an issue on infrastructure hosting products used by our Health & Care customers. Those products identified as being affected are Adastra, Carey’s, Carenotes, Crosscare, Odyssey and Staffplan."

Adastra, for example, is said to work with some 85 percent of NHS 111 services, a hotline which provides 24/7 support to give general health information and advice, as well as emergency supplies of prescribed medication and more.

The outage has forced NHS 111 call handlers to work like they did before the advent of digital. "All of these services are now operating on pen and paper, with obvious capacity limitations at a dire time for the NHS," said a source.

Publication Pulse Today said yesterday a letter from NHS England's regional team warned General Practitioners – doctors – in London to expect more patients diverted from NHS 111 due to the technical issues.

The status page continues:

Advanced has initiated a Priority 1 Incident and deployed a highly experienced Priority Incident Team. Whilst the investigation is carried out, Advanced has isolated all services and taken them offline to mitigate the risk of further impact. This means that customers will not be able to access their system, and should revert to contingency measures.

The "incident" is isolated to the above customer groups, Advanced adds, and says early intervention from the Incident Response Team "contained this issue to a small number of servers without our vast infrastructure limiting the impact."

Sources told us the outage bears some of the hallmarks of a cyberattack, with efforts seemingly being made to contain an infection by shutting down some systems.

"We are in communication with the NHS and our associated technology partners and have provided an incident update on our customer support sites. We are committed to providing regular updates as our investigation develops," Advanced's support page says.

"Clients have been told Adastra will not be back online until next Tuesday at the earliest," said someone close to the matter.

The Reg called NHS England for a comment on the situation and was told by a press officer he was aware of it. We have asked for comment on the extent of the impact.

We have also asked Advanced to comment on the nature of the incident, whether an attacker had gained access to its system, when this happened, and how long they had access and when normal service will be resumed.

Advanced operates in the health and care, education, legal, professional services and sport, venues and events markets. It provides a range of public and hybrid cloud services, along with workplace, datacenter, managed and cyber security services. ®

Updated to add

Advanced COO Simon Short has confirmed his biz was compromised by miscreants.

"We can confirm that the incident is related to a cyber-attack and as a precaution, we immediately isolated all our health and care environments," he's quoted as saying by the Beeb.

More about


Send us news

Other stories you might like