British health officials incurred over $120 million in costs related to the WannaCry virus that infected the U.K.’s hospital system in 2017, a government report said Thursday.
WannaCry cost the U.K. National Health Service roughly £92 million, or about $121.74 million, the Department of Health report concluded.
Services at one-third of the agency’s hospital trusts were disrupted as a result of WannaCry, and ultimately the virus was responsible for causing the cancellation of over 19,000 medical appointments, health officials determined.
“While this may only be a small proportion of overall NHS activity, it represents disruption to the care of a significant number of patients,” the report said.
WannaCry claimed victims in over 150 countries upon being unleashed in May 2017, including NHS computers in addition to machines used by the likes of Boeing, FedEx and Honda, among others.
The U.S. and U.K. government have both blamed the outbreak on North Korea, and last month the Trump administration charged a suspected state-sponsored hacker, Park Jin Hyok, accused of participating in the creation of WannaCry at Pyongyang’s behest.
North Korea has previously denied involvement in WannaCry, and last month a government official described Mr. Park as “a nonexistent entity.”
WannaCry exploited a critical vulnerability affecting Microsoft Windows computers that had been previously discovered by the U.S. National Security Agency. Known as EternalBlue, that vulnerability and others were leaked online months earlier by the Shadow Brokers, a mysterious entity that has repeatedly published powerful hacking tools allegedly pilfered from the NSA.
Marcus Hutchins, a British security researcher credited with activating a “kill switch” that effectively ended the WannaCry outbreak, was subsequently indicted by U.S. prosecutors on unrelated hacking charges and has pleaded not guilty.