HSE cyber attack: Stolen patient data could be abused, Government says

Government ministers received a security briefing from National Cyber Security Centre officials on Monday afternoon
HSE cyber attack: Stolen patient data could be abused, Government says

The Government has said the cyber attacks on the State’s health services are “despicable crimes” and “no effort is being spared” to resume medical services and restore the HSE’s system.

It also said any public release of stolen patient data by the criminals behind the attack would be “utterly contemptible”. It said there is a risk that medical and other data of patients will be abused – anyone who is affected is urged to contact the HSE and gardaí.

Government ministers received a security briefing from National Cyber Security Centre (NCSC) officials on Monday following the ransomware attack that targeted the HSE and crippled its IT systems.

Taoiseach Micheál Martin, Tánaiste Leo Varadkar, Minister for Transport Eamon Ryan, Minister for Justice Heather Humphreys, Minister for Health Stephen Donnelly and Minister of State for Communications Ossian Smyth were told of the ongoing impact of the attack as well as the technical responses deployed and work to recover the HSE’s IT systems.

In a statement, a Government spokesperson said their main concern is to “secure as speedy a resumption of all medical services as can possibly be achieved, consistent with ensuring that the HSE’s system can be safely and robustly restored”.

“No effort is being spared to achieve this,” they added.

The ransomware attack on the HSE on Friday morning caused major disruption as it required a shutdown of all IT systems and led to the cancellation of many out-patient appointments.

Several days

Efforts to restore the systems are ongoing, but it will likely be several days before services return to normal.

The response is being led by the NCSC in collaboration with the HSE, the Government’s chief information officer and a specialist cybersecurity contractor.

In addition, a number of private sector cybersecurity experts have volunteered their support in recent days.

There is said to be “hundreds of people deployed to tackle this attack in accordance with the pre-determined plan for such cyberattacks” and “detailed technical work” is continuing to restore the HSE’s IT infrastructure.

The Government said the HSE is “continuing to make the necessary arrangements in the interim to provide the maximum possible availability of services to patients across the State.

“While the process will, inevitably, take some time, the HSE and its partners are working to ensure that the maintenance and restoration of care for patients can progress in the coming days.”

The details of the hospital services available and being restored will be updated by the HSE on its website on a regular basis.

No other attacks

Earlier, Mr Varadkar said he was not aware of any other bodies that have been affected, following reports of a widespread audit of Government departments to see if they have been hit by the cybersecurity threat.

He told reporters: “There hasn’t been one on my department, or any other body that I’m aware of.

“But needless to say, we’re doing everything we can to strengthen our security systems.”

Mr Varadkar said there had been an attack on the HSE and unsuccessful attempt to hack into the Department of Health.

He described it as a “heinous crime”, targeting the sick.

“It’s not just an attack on the State. It’s not just an attack on a computer system.

“It is an attack on sick people, sick people whose care is now going to be delayed, and is going to be affected. That really makes it a heinous crime in my view.

“And we have to deal with these people, we have to cooperate on an international level and catch them and bring them to justice.” – Additional reporting: PA

More in this section

Sponsored Content

Add Echolive.ie to your home screen - easy access to Cork news, views, sport and more