This site is intended for health professionals only

Pulse Today At the heart of general practice since 1960
Could GPs actually go private? Why are GPs rethinking LESs?

Could GPs actually go private? Why are GPs rethinking LESs?

Listen to our new podcast episode here

Login Register
Home News Technology Suspected cyber attack affects major GP software supplier

Suspected cyber attack affects major GP software supplier

Suspected cyber attack affects major GP software supplier
By Harry Hetherington
22 December 2025

An NHS software supplier that provides referral systems to 2,000 GP practices has been hit by a suspected cyber attack.  

DXS Systems discovered a ‘security incident affecting its office servers’ on 14 December, according to a notice in the London Stock Exchange, but there has been no reported impact on patient services.

The ransomware group DevMan indicated it was responsible for the incident, listing what it described as 300GB of company data on the dark web and threatening to release it on 20 December (it is not known if it has done so).

Its tools are used by around 2,000 GP practices encompassing 17 million patients, according to the company’s website

The notice said: ‘The Board of DXS International plc … reports that it has suffered a security incident affecting its office servers, which was discovered in the early hours of Sunday morning, the 14th December. 

‘Once discovered, the data security breach was immediately contained by means of a joint effort by DXS’s internal IT security teams in close cooperation with NHS England. The Board has appointed an external cyber security specialist agency whose thorough investigations are underway to establish the nature and extent of the incident.’ 

Despite the breach, DXS said it ‘does not currently anticipate that this incident will have a material adverse impact on its financial position’.  

It said it had notified ‘various NHS bodies’ including NHS England for the purpose of investigating. 

A DXS spokesperson told Pulse the threat was not ongoing. 

An NHS England spokesperson said: ‘We are working with the National Cyber Security Centre and law enforcement partners to support an NHS supplier who is investigating a cyber incident. We are not aware of any patient services being impacted.’ 

In June 2024, Synnovis, a provider of lab services for a group of London hospitals, was the ‘victim of a ransomware cyber attack’ which disrupted its pathology services.   

The perpetrators published information online which Synnovis said included ‘some fragments of patient identifiable data’. The attack caused delays to over 11,000 outpatient and elective procedure appointments and caused significant disruption for GP practices for months

And earlier this year, an NHS software provider was fined over £3m by the ICO for failing to protect against a data hack which severely impacted GPs in 2022. As first revealed by Pulse, parts of the NHS 111 service suffered a ‘total system outage’ during the 2022 cyber attack, and GPs working in urgent care had to share patient records on Word documents.  


			
			
					


          				        
			          

            
                        

              

                

                  

                    
Related Articles

                  

                  					
					                        

                          

                             NHS software provider to pay £3m ICO fine over patient data hack
                            
28 March 2025

                          

                        

                    				
                    					
					                        

                          

                             NHS software provider could get £6m ICO fine over patient data hack
                            
07 August 2024

                          

                        

                    				
                    					
					                        

                          

                             DHSC announces £150m cyber security plan in the wake of NHS hack attack
                            
01 May 2018

                          

                        

                    				
                                        
                                    

              

            

          


          

            

              	 
  



  
            

          

			
        

        

          

                      

          

                      

        

      

    

    

      


		

		

	 		

			
			

				
			

			
		

		

			
			

				
			

			
		

				

		

		 	
				

				

		 		

			
			

				
			

			
		

				

		
	
		 		
		

  

    

      

        

          

                                                                                                			  
			              

                               
                          

            

                              Chronic insomnia educational hub              
Read Now

              
                          
			  
			  
			 
                                              

        

      

    

  



	
	

				

		

			
		

			
			

				
			

			
		

			
					

		

						


	

		

			
Most 
				
				
			

		

		

			
			

                
												
								
							

		

	


    

	 
		
		

		  
		

			  
  


  

    

      
    

  






  

              								  
				  

					
				 

				  
			  	              







  

		

			

			    
				
FOLLOW US

					
			

			

			

			

			

        	
IMPORTANT LINKS

                    

			

	         
MORE FROM COGORA

                    
			

		
	  
  





  

    

      

        
© Cogora 2026
Cogora Limited. 1 Giltspur Street, London EC1A
          9DD Registered in the United Kingdom. Reg. No. 2147432

      

      

        Cogora