Symantec said 1,100 NHS computers were infected with Qakbot worm, a sort of malicious software that can steal personal information such as credit card details and passwords.
The security firm discovered that the malicious software uploaded 4GB of confidential information in mere two-week period.
However, Symantec did not find any clue showing the theft of patient information.
Symantec strongly recommended that computer users must keep anti-virus kits up to date.
In its blog post, the security firm advised, "If you are reading this and are worried about malicious third parties gaining access to your online accounts, now would be a good time to ensure that you change all of your passwords related to your online presence.”
The NHS declined to comment on the issue.