News: 1753964949

  ARM Give a man a fire and he's warm for a day, but set fire to him and he's warm for the rest of his life (Terry Pratchett, Jingo)

NHS disability equipment provider on brink of collapse a year after cyberattack

(2025/07/31)


A major supplier of healthcare equipment to the UK's National Health Service and local councils is on the verge of collapse 16 months after falling victim to cyber criminals.

Private equity-backed NRS Healthcare works with around 40 councils across England and Northern Ireland, although most of its services are provided to authorities in Southeast England.

In a statement to the [1]BBC , a spokesperson at the company said management had tried in recent months "to turn around the business and explore all possible options to safeguard services and protect the communities who rely on them.

[2]

"We have already begun transferring all services to other providers and are implementing plans with the local authorities to preserve service provision and jobs."

[3]

[4]

NRS Healthcare said in its last set of public accounts for fiscal 2024 ended March 31, 2024, that operations were minimally affected by the cyberattack - claimed by [5]RansomHub - as it happened just before the close of that trading period. It added that the financial toll was expected to be heavier in the following fiscal year.

The document states: "On 28th March 2024, the organization was the target of a cyber incident. Whilst the incident had very little impact on the results for the reporting period within these financial statements due to the timing, it is important to note that the business recovered operationally very swiftly, enabling the Group to meet the needs of our service users with minimal disruption.

[6]

"Our response also resulted in a pre-planned six-month digital transformation project being accelerated and delivered in just three weeks; this included the reimaging and/or replacement of over 1,000 laptops across the estate and further enhancing our cybersecurity with the highly rated external certification, [7]Cyber Essentials Plus .

"Costs relating to the recovery of the cyber incident have impacted the subsequent reporting period and are ongoing into 2025.

Thw company had "completed restructuring of debt held on the balance sheet to enable further investment in technology and other strategic inititatives," earlier in March 2024 before the cyber attack.

[8]

[9]Sky News reports that NRS Healthcare had tasked PricewaterhouseCoopers, one of the Big Four accountancy firms, to secure a buyer for the business but it been unable to do so and that NRS is now nearing compulsory liquidation.

Compulsory liquidation is a formal insolvency procedure for companies in the UK. Unlike in the US, where the term "bankruptcy" can apply to businesses, in UK law, bankruptcy refers only to individuals. Compulsory liquidation proceedings are typically initiated by creditors and involve the courts assuming all power over the company, selling off its assets, and winding it down.

Sky News also claimed that the terms of NRS Healthcare's contracts with local authority customers had resulted in its financial decline.

According to a letter sent to the Department of Health and Social Care (DHSC), local councils warned of NRS Healthcare's financial instability and how, if it were to collapse, they would be unable to meet their statutory obligations to provide immediate community support.

[10]UK to ban ransomware payments by public sector organizations

[11]Write-back to aging UK health systems lessens benefits of Palantir-based platform

[12]UK Spending Review prescribes £10B digital remedy for NHS

[13]'Major compromise' at NHS temping arm exposed gaping security holes

NRS provides various products and services including tech-enabled care solutions, occupational therapy, and home improvements, although it's primarily tasked with providing equipment for hospital leavers, such as wheelchairs and other mobility equipment.

As a result, much of its work is fulfilled on an urgent basis. The letter to DHSC reportedly stated that the majority of these orders require same-day or next-day delivery.

A DHSC spokesperson told The Register : "We are closely monitoring this situation and are working with a range of partners who are supporting local authorities to minimize any potential disruption, find alternative suppliers if needed, and ensure patients continue to receive high-quality care."

NRS Healthcare is working directly with all local authorities with which it has contracts. If the company ceases trading, local councils are legally required to find alternative solutions to the short-term disability aid needs for their communities.

These obligations are not overseen by central government, although the BBC reported that in their letter to DHSC, councils asked the government for a cash injection to manage a potential transition period if NRS were to liquidate.

The Register contacted NRS Healthcare and backer Graphite Capital for additional information. ®

Get our [14]Tech Resources



[1] https://www.bbc.co.uk/news/articles/cn72mpz0zzeo

[2] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2aIuTGtVLpITvPuNhV1D4qwAAAEg&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0

[3] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aIuTGtVLpITvPuNhV1D4qwAAAEg&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0

[4] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aIuTGtVLpITvPuNhV1D4qwAAAEg&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0

[5] https://www.theregister.com/2024/06/05/ransomhub_knight_reboot/

[6] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aIuTGtVLpITvPuNhV1D4qwAAAEg&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0

[7] https://www.theregister.com/2024/12/03/ncsc_annual_review/

[8] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aIuTGtVLpITvPuNhV1D4qwAAAEg&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0

[9] https://news.sky.com/story/official-receiver-may-step-in-as-council-care-provider-nrs-healthcare-nears-collapse-13404011

[10] https://www.theregister.com/2025/07/22/uk_to_ban_ransomware_payments/

[11] https://www.theregister.com/2025/07/10/writeback_to_ageing_nhs_systems/

[12] https://www.theregister.com/2025/06/12/nhs_tech_spending_review/

[13] https://www.theregister.com/2025/06/12/compromise_nhs_professionals/

[14] https://whitepapers.theregister.com/


If NRS does hit the wall ....

KittenHuffer

.... then Karma will only be satified if the scrotes that fubared their systems happen to be leaving hospital at around the same time, and find themselves bereft of the equipment that NRS would have supplied.

Thinking about it, I wonder if there is any way we could help Karma to be satisfied?!?

Oh sure

Pascal Monett

" a pre-planned six-month digital transformation project being accelerated and delivered in just three weeks "

Okay, so either your initial planning was shit, or the results you got are shit, but you cannot tell me that a 6-month project was properly done in 3 weeks.

If that is indeed the case, you need to review your planning procedures, because they are shit.

Re: Oh sure

katrinab

I'm guessing they were about to do it anyway, over a planned controlled 6 month migration period, but given that the old system had been completely hosed anyway, they figured it would be reconstruct on the new one rather than the old?

Re: Oh sure

Paul Crawford

I doubt you could replace some legacy/insecure system with anything new in 3 weeks, that would only be enough time to restore from backups and do a bit of testing and training on not inviting Mr Cockup for dinner again.

Re: Oh sure

Empire of the Pussycat

Given that it included "...reimaging and/or replacement of over 1,000 laptops across the estate...", seems perfectly reasonable to spread that over 6 months to avoid disruption and reduce support volume.

But if everything is hosed anyway, there's opportunity to replace/upgrade much faster.

Unless you know their original plans, there's no rational basis for saying they were "shit".

Missing information in article

IGotOut

It's also worth pointing out they had multiple contracts with councils that were running at a loss, mainly due to rising costs.

"The company's accounts say it suffered a costly cyber attack last year and it is also understood to have been losing money on some of its contracts with councils."

https://www.bbc.co.uk/news/articles/cn72mpz0zzeo

Private equity-backed

Fruit and Nutcase

Do the rising costs include debt to the private equity backers?

Cyber Essentials Plus

Dr Who

Worth nothing that the British Library, which suffered a comprehensive cyberattack that took a huge amount of time and effort to recover from, were certified to Cyber Essentials Plus level.

To their credit they published a comprehensive post mortem of what happened, how they dealt with it, and the lessons they learned and want to pass on to others. It's a model of how organisations should respond in the event of a cyber incident. Anyone who takes this stuff seriously could do worse than than to read and inwardly digest the document.

https://www.bl.uk/home/british-library-cyber-incident-review-8-march-2024.pdf

Deadwood, n.:
Anyone in your company who is more senior than you are.