Skip to main content

HSE cyber attack and how it may affect you

Our health service has been targeted by a criminal cyber attack. 

The aim of this attack was to disrupt our health services and computer systems, steal data, and demand a ransom for its return. The HSE and the Government will not pay a ransom.

We have had to shut down hospital and health service IT systems to protect them. Some health services have had to be postponed.

We are working hard to restore all health services quickly and safely.

Read updated information on health service disruptions

How the cyber attack affects you

This criminal attack may affect your:

  • access to health services - many services have been disrupted because of the attack
  • personal and medical information - there is evidence that patient and staff information was accessed in the cyber attack

We are working to find out exactly what information has been stolen, so we can take the necessary action and notify the Data Protection Commission of any further breaches.

No evidence of large data leaks

A small amount of HSE data has appeared on the 'dark web', a part of the internet which can only be accessed using special programmes. Action is being taken to assist the people affected by this.

There is no evidence that large amounts of patient or staff data has been published online or sold to criminals involved in fraud.

No evidence of scams related to attack

Scams involving personal data are common. They can happen at any time.

It is possible the criminals may sell information stolen in the cyber attack to other criminals involved in fraud, such as online or phone scams. But there is no evidence that this has happened. There is also no evidence that any recently reported scams are linked to this cyber attack.

Read advice from the fraud smart on how to protect yourself from fraud

Your personal and medical information

Personal data means any information about you, such as your name, address, contact phone numbers and email address.

Your medical information may include your medical records, notes and treatment histories.

What we are doing to protect your information

The HSE has a high court order to stop personal and medical information that may have been stolen in this cyber attack from being published online.

We are working with digital publishers, search engines, social media networks and our legal team to make sure that any information that has been stolen is not shared online.

Specialists and our legal team are also monitoring websites used by criminals to check for activity involving any data stolen in the cyber attack.

If we are alerted to stolen information appearing online, we will contact the Data Protection Commission and take the necessary action to protect anyone affected.

There is no evidence that large amounts of patient or staff data has been published online or sold to criminals involved in fraud.

Read the High Court injunction restricting any sharing, processing, selling or publishing of stolen data (PDF, 4 pages, 460kb)

Garda investigation

We are working with the Gardaí, Government, our legal team and other agencies to investigate this crime and to protect your private information.

What you can do

If you are approached by anyone who has used, or is threatening to use your data for fraud or other criminal purposes, contact your local Garda station to report the crime.

Encourage vulnerable people in your life to take care with scam messages and calls, but also not to worry too much.

Read advice on dealing with suspected scam calls, texts or emails

Health service disruptions

Access to health services and patient care has been disrupted by this criminal attack.

Our hospitals and health services are open but some appointments are postponed. Emergency departments are very busy.

We are trying to get priority health services back up and running first including:

  • radiology and diagnostic systems
  • maternity and infant care
  • patient administration systems
  • chemotherapy
  • radiation oncology

Some hospital labs and radiology systems are back working. Other hospitals will take longer.

Read updated information on health service disruptions

Reliable information sources

Websites where you can find reliable information about the cyber attack:

page last reviewed: 28/05/2021
next review due: 28/05/2024