Skip to main content

HSE cyber attack and how it may affect you

Our health service was targeted by a criminal cyber attack last year.

The aim of this attack was to disrupt our health services and computer systems, steal data, and demand a ransom for its return.

We have been given a copy of the evidence Gardaí have found of which data has been illegally accessed and copied. This follows a Garda investigation which involved other international police forces.

We are now examining all the affected information. We expect it includes a mix of medical information, personal data, financial information, HSE corporate information, commercial data and general non-personal administrative data.

Personal data means information about individuals, such as names, addresses, contact phone numbers and email addresses. Medical information would include medical records, notes and treatment histories.

What happens next

We have updated the Data Protection Commission. We will work with them to make sure that we contact everyone who needs to be informed when we have reviewed all the information that was illegally accessed and copied.

This will take time as we need to:

  • look at all the data that has been illegally accessed and copied
  • make sure that we are contacting the right people

You do not need to contact us to ask if your information was illegally accessed and copied.

No evidence of scams related to the attack

Scams involving personal data are common. They can happen at any time.

There is also no evidence that any recently reported scams are linked to this cyber attack.

Read about protecting yourself from scams or attempted fraud

No evidence of data published online

We have no evidence that large amounts of patient or staff data has been published online or sold to criminals involved in fraud.

A small amount of HSE data appeared on the 'dark web', a part of the internet which can only be accessed using special programmes, immediately after the cyber attack. Action has been taken to assist the people affected by this.

What we are doing about the data

The HSE has a high court order to stop all personal and medical information that was illegally accessed and copied in this cyber attack from being published online.

We are working with digital publishers, search engines, social media networks and our legal team to make sure that any of this information is not shared online.

Specialists are also monitoring websites used by criminals to check for activity involving any of the information illegally accessed or copied.

If we are alerted to any of the information appearing online, we will contact the Data Protection Commission and take the necessary action to protect anyone affected.

High Court injunction restricting any sharing, processing, selling or publishing of illegally accessed data (PDF, 4 pages, 460kb)

Last updated: 29 April 2022 at 12.55pm

page last reviewed: 28/05/2021
next review due: 28/05/2024