When news broke of another cyberattack linked to the NHS, many patients were left wondering: “Has my hospital been affected?” The breach – which exploited a vulnerability in Ivanti software – is being taken seriously by NHS officials, and rightly so.
But what happened exactly? And which hospitals might be impacted?
What is the NHS Ivanti cyberattack?
Ivanti is a software company whose tools help organisations manage and secure their IT systems. According to the Ivanti website:
“Ivanti finds, heals and protects every device, everywhere – automatically. Whether your team is down the hall or spread around the globe, Ivanti makes it easy and secure for them to do what they do best.”
But hackers found and exploited a vulnerability in one of its products – a tool commonly used for remote access. While this wasn’t a direct attack on the NHS, some trusts use Ivanti’s software. And, in May 2025, two leading trusts – University College London Hospitals NHS Foundation Trust and University Hospital Southampton NHS Foundation Trust – were named in connection with a serious cyberattack that may have compromised patient and staff data.
Which NHS hospitals were affected by the data breach?
At this point, an investigation is still underway. But what’s clear is that sensitive medical information could have been compromised. So, which hospitals could be affected?
Because this breach relates to two NHS trusts, the list of potentially affected organisations is still being determined. However, we do know that University College London Hospitals and University Hospital Southampton manage the following hospitals:
- Elizabeth Garrett Anderson Wing
- Hospital for Tropical Diseases
- Institute of Sport, Exercise and Health
- National Hospital for Neurology and Neurosurgery
- Royal London Hospital for Integrated Medicine
- Royal National ENT and Eastman Dental Hospitals
- University College Hospital
- University College Hospital at Westmoreland Street
- University College Hospital Grafton Way Building
- University College Hospital Macmillan Cancer Centre
- Southampton General Hospital
- Princess Anne Hospital
- New Forest Birth Centre
- Royal South Hants Hospital
- Lymington New Forest Hospital
At this stage, we do not know if any other hospitals or trusts were affected.
What we do know about the Ivanti breach NHS 2025
The breach is being treated as a national incident, with a full investigation by the National Cyber Security Centre (NCSC) and NHS cybersecurity teams.
We cannot rule out the possibility that patient records may have been accessed. One leading cybersecurity expert has described the breach as a “wake-up call for the healthcare system”. He has warned of the risk – not only to personal data – but across the NHS, potentially impacting critical hospital operations, appointments, surgeries, systems, and medical devices essential for patient care.
Why this matters for patients
Let’s be clear: if hackers were able to exploit vulnerabilities in NHS systems – even systems outsourced to a third-party – it’s a breakdown of the trust patients place in the NHS to protect their most personal information. And while NHS staff work hard to maintain that trust, they’re also being let down when systems aren’t up to scratch or external partners don’t meet security standards.
What can you do if you're concerned?
It’s understandable to feel uneasy. Right now, the best thing you can do is stay informed. If you receive a letter or email from the NHS or a supplier stating that your data may have been exposed, keep a record of it. That could be important if you choose to pursue a claim.
You may be entitled to compensation if your personal information was mishandled – not as a punishment to the NHS, but as a way to hold organisations accountable and improve future protections. We have spoken to lawyers who are currently investigating a potential group legal action. If you think you might be able to join a claim, check your eligibility now.
