Police have halted all work with the UK’s largest private forensics provider after a ransomware attack, in the latest crisis to hit the forensics sector
Police have suspended work with the UK’s biggest private forensic company following a cyber-attack on the firm.
The suspension has led to delays in forensic testing, which could impact on court cases.
Eurofins Forensic Services carries out DNA testing, toxicology analysis, firearms testing and computer forensics for police forces across the UK.
Its parent company, Eurofins, suffered a ransomware attack on 1 or 2 June, which is under criminal investigation.
Ransomware is a computer virus that prevents users from accessing their system or personal files and demands ransom payment in order to unlock access.
It is the latest in a series of major forensic science problems to hit police forces since the closure of the government-owned service in England and Wales in 2012.
An emergency police response has been put in place, led by the National Police Chiefs’ Council (NPCC), which took the decision to “temporarily suspend” all submissions to Eurofins.
Eurofins, which caters for over 50% of the UK market, deals with over 70,000 criminal cases in the UK each year.
A group of senior officers will ensure the most serious crimes are given priority, as well as ensuring other forensic providers aren’t overloaded with submissions.
“Our priority is to minimise the impact on the criminal justice system,” said the NPCC lead for forensics, Chief Constable James Vaughan.
“It is too early to fully quantify the impact but we are working at pace with partners to understand and mitigate the risks.”
The Crown Prosecution Service said a police investigation was ongoing, but at this stage there was “no evidence to suggest that previous convictions were unsafe”.
A spokesperson added: “The CPS is assessing current cases to identify any impact on criminal trials as a result of this attack, and will ensure all necessary action is taken to allow them to proceed fairly.”
Eurofins said the attack “caused disruption to many of its IT systems in several countries” in a statement on it website.
It said it believed the attack was carried out by “highly sophisticated well-resourced perpetrators” and the ransomware involved appears to have been a “new malware variant”.
The National Crime Agency is conducting an investigation into the cyber attack, supported by the National Cyber Security Centre.
A government spokesperson said: “We are working closely with law enforcement and justice partners to investigate the sources of the attack and minimise any impact on our criminal justice system.”
Forensic science work has been carried out by private firms and police laboratories in England and Wales since the closure of the government’s Forensic Science Service in 2012.
Last year 40 drug-driving offences were quashed and thousands of cases were reviewed after data was allegedly manipulated at Randox Testing Services.
Another company – Key Forensic Services – collapsed in January 2018, while the Met Police also had to carry out a review after a forensic scientist apparently botched examinations.
Eurofins has seven laboratories in the UK – Teddington, south-west London; Leeds Dock, in Leeds; Risley, Cheshire; Wakefield, south Yorkshire; Culham, Oxfordshire; Fordham, Cambridgeshire; Tamworth, Staffordshire.
It also provides a range of other screening services to industry, agriculture and the pharmaceutical sector. The impact on these services is unclear.