News, views and top stories in your inbox. Don't miss our must-read newsletter Sign up Thank you for subscribing We have more newsletters Show me See our privacy notice Invalid Email

The WannaCry cyber attack cost the NHS an estimated £92 million, the Department of Health and Social Care (DHSC) has revealed.

The breach in May last year, which affected computers worldwide, disrupted services and led to thousands of cancelled NHS appointments.

A report by the Public Accounts Committee, published in April, said the health service was "unprepared" for the attack, adding that it was "lucky" the threat had been tackled quickly.

A new report, published by DHSC on Thursday, states services were disrupted in around one third of NHS trusts and 8% of GP practices due to the attack.

More than 19,000 appointments were cancelled, it said.

(Image: AFP)

The report includes the first estimate by DHSC of the financial cost of the attack on the NHS.

Lost output of patient care caused by reduced access to information and the necessary systems cost the NHS an estimated £19 million between May 12 and May 18, it said.

The cost of IT support during the attack was approximately £500,000, while that provided in June and July following the attack was an estimated £72 million.

This includes support provided by NHS organisations and IT consultants to restore data and systems.

The DHSC warned the estimates could not be made with certainty, adding that accurately assessing costs would require collecting data from all affected organisations "which itself would impose a disproportionate financial burden on the system".

(Image: PA)

The WannaCry attack saw data on infected computers encrypted and issued users with a ransom demand to unlock their devices.

The Public Accounts Committee described the attack as "relatively unsophisticated" and warned future breaches could be more sophisticated.

It also called on the national financial cost of the WannaCry attack on the NHS to be calculated in its report, published in April.

It said: "We recognise that at the time of the attack the focus would have been on patient care rather than working out what WannaCry was costing the NHS.

"However, an understanding of the financial impact on the NHS is also important to assess the seriousness of the attack and likely to be relevant to informing future investment decisions in cyber security."

The DHSC said it had agreed £150 million of investment in cyber security over the next three years.

It has also signed a new contract with Microsoft to enhance cyber security intelligence.