South Africa's National Health Laboratory Service (NHLS) is recovering from a ransomware attack that disrupted diagnostic systems and deleted backups, causing delays in lab testing across public health facilities.

The attack on June 22 targeted vulnerabilities in NHLS's infrastructure, rendering lab test results and patient information inaccessible. Although all laboratories are now fully functional and processing clinical samples, physicians cannot access test results via the online portal.

The NHLS assured the public that no patient data was compromised and that breached data would be restored within weeks. However, the delays have impacted emergency patients and put intensive care units at risk nationwide.

As the primary diagnostic service for 80% of South Africa's population, the incident has severely hindered healthcare delivery. Over 6.3 million unprocessed blood tests have led to postponed major operations, posing significant health risks to patients who rely on these results.

In response, urgent test results will be communicated via telephone to clinicians. This interim measure has raised concerns among healthcare centres, NHLS staff, and patients about the service's operational continuity.

South Africa has become a prime target for cybercriminals. Earlier this year, the International Trade Administration Commission and the Companies and Intellectual Property Commission also suffered cyber attacks. Additionally, Kenya's healthcare providers experienced technical issues with the National Health Insurance Fund service portal on June 29, forcing patients to make cash payments.

The NHLS, operating over 265 laboratories nationwide, faces a long recovery process, with no clear timeline for full restoration yet determined.

‍