Blood testing partnership Synnovis has warned that its hacked blood transfusion services may not be fully functioning again until the autumn.
Its systems fell victim to ransomware hackers and the pathology partnership says it has rebuilt many of the 60 which were affected.
The hackers made systems unusable unless a payment was received and caused significant disruption, with hundreds of operations and thousands of appointments cancelled.
Synnovis said the blood transfusion services would “continue to be stabilised over the summer”.
The situation is also part of the reason the NHS made an urgent appeal for blood donors after warning stocks had dropped to “unprecedently low” levels.
Synnovis is a partnership between Guy’s and St Thomas’ NHS Foundation Trust, King’s College Hospitals NHS Trust and Synlab, a commercial testing firm.
It said more of its laboratories could now be reconnected to systems that enabled the service to receive test orders and return results electronically.
Core chemistry and haematology services have been restored at King’s College and Princess Royal University Hospitals, with Guy’s and St Thomas’, Royal Brompton and Harefield Hospitals to follow “in days”.
As a result it expected “to be able to increase the numbers and types of tests shortly”.
Dr Chris Streather, medical director for NHS London, welcomed the news but said: “It will take further time for this to roll out, but we will soon start to see faster turnaround times for most routine blood tests.”
He said the delay in restoring blood transfusion services meant “that there will be a continued impact on planned operations and a need for hospitals to help each other by taking patients where needed”.
He added: “Despite the challenges, most services are now working at near-normal levels, including in outpatients, day cases and non-elective care. This means it’s important that patients with booked appointments continue to attend unless they have been contacted to say otherwise.”
Qilin, a Russian cyber-criminal group claimed responsibility for the attack.
The group attempted to extort money from Synnovis, and when that failed posted almost 400GB of stolen data online.
A sample of the data seen by the BBC includes patient names, dates of birth, NHS numbers and descriptions of blood tests. It is not known if test results are also in the data.
The company said IT experts are still investigating how the hack happened. It showed just how destructive and disruptive ransomware can be.
Synnovis did not pay the hackers, so it had to rebuild its systems from scratch – as well as find a way to access critical data from back-ups, which takes a huge amount of time and effort from IT teams.
However, even if the partnership had paid up, it may have faced months of work to return to full functionality.