Personal data of south east London patients has allegedly been published online after a ransomware attack on NHS provider Synnovis by a cyber criminal group.

Synnovis, which provides pathology services on blood tests, primarily in south-east London, was the victim of a cyber attack.

The attack is understood to be carried out by Russian group named Qilin on June 3.

Memos to NHS staff at King’s College Hospital, Guy’s and St Thomas’ (including the Royal Brompton and the Evelina London Children’s Hospital) and primary care services in London said a critical incident had been declared.

Hundreds of operations and appointments are still being cancelled two weeks after the incident.

In a statement on Friday, NHS England said: “NHS England has been made aware that the cyber criminal group published data last night which they are claiming belongs to Synnovis and was stolen as part of this attack.”

According to the BBC, the cyber criminal group shared almost 400GB of data – including patient names, dates of birth, NHS numbers and descriptions of blood tests – on their darknet site and Telegram channel.

Spreadsheets containing financial arrangements between hospitals and GP services and Synnovis were also published, the BBC reported.

“We understand that people may be concerned by this and we are continuing to work with Synnovis, the National Cyber Security Centre and other partners to determine the content of the published files as quickly as possible,” NHS England said.

“This includes whether it is data extracted from the Synnovis system, and if so whether it relates to NHS patients.”

Synnovis, in a statement on Friday, said: “We know how worrying this development may be for many people. We are taking it very seriously and an analysis of this data is already under way.”

Between June 10-16, the second week after the attack, more than 320 planned operations and 1,294 outpatient appointments were postponed at King’s College Hospital NHS Foundation Trust and Guy’s and St Thomas’ NHS Foundation Trust.

The number of rearranged planned operations has gone down by 494 since the first week after the attack, June 3-9, but the number of missed outpatient appointments has increased by 394.

The total so far is 1,134 planned operations and 2,194 outpatient appointments postponed, according to NHS England London figures.

Urgent and emergency services have remained available as usual.

Dr Chris Streather, medical director for NHS London, said: “Although we are seeing some services operating at near normal levels and have seen a reduction in the number of elective procedures being postponed, the cyber-attack on Synnovis is continuing to have a significant impact on NHS services in South East London.

“Having treatment postponed is distressing for patients and their families, and I would like to apologise to any patient who has been impacted by the incident, and staff are continuing to work hard to rearrange appointments and treatments as quickly as possible.

“Mutual aid agreements between NHS labs have begun to have a positive impact in primary care providers, helping increase the number of blood tests available for the most critical and urgent cases.

“Patients should access services in the normal way by dialling 999 in an emergency and otherwise use NHS 111 through the NHS App, online or on the phone.

“They should also continue to attend appointments unless they are told otherwise by the clinic team.”