Computer systems at three London hospitals remained down on Wednesday morning after PCs were apparently infected with malware.
No patient data was at risk of disclosure, said William Mach, a spokesman for the U.K.'s National Health Service. As a precaution, computers were shut down at St Bartholomew's, the Royal London Hospital and The London Chest Hospital.
When the infection became known, ambulances were diverted to other hospitals, as it was easier to admit patients using unaffected computer systems rather than revert to a paper-based admission systems, Mach said. The hospitals are now taking emergency patients again, he said.
Official are investigating how the infection occurred, although it did not appear to be malicious, Mach said.
"We've got a team in place that is desperately trying to restore full power to everyone," he said. "They are preoccupied with trying to get the systems online."
The PCs were running McAfee 8.5 antivirus software, Mach said. That product is also known as VirusScan Enterprise. Mach confirmed that the computers were infected with the mass-mailing worm Mytob, discovered in early 2005.
Once running on a PC, Mytob collects e-mail addresses and e-mails itself to other PCs as an attachment. Mytob, also known as MyDoom, can also download other harmful software. However, most antivirus products can detect and remove it. McAfee lists 56 known variants on its Web site.
Hackers, however, often use variety of methods to repackage their malicious software using methods such as compression to make a file appear different and catch antivirus products off guard.
McAfee said in a statement it was given a sample of the version of Mytob affecting the NHS earlier today. The company said its products have detected it since Jan. 13 and that up-to-date products would detect and clean an infection.
"McAfee is only able to comment on the threat itself and any questions regarding the NHS' specific use of McAfee technology should be raised with the NHS," the statement said.
Mach said an internal team has been created to deal with the infections. So far, the NHS has not alerted law enforcement.
"It is not yet known yet how it infected systems in the first place," Mach said.
The National Health Service uses an e-mail system called NHSmail, which contains the contact details for more than one million NHS staffers. According to a NHS Web site, the system "is protected by cutting edge anti-virus and anti-spam protection."