HSE cyber attack and how it may affect you
Our health service was targeted by a criminal cyber attack last year.
The aim of this attack was to disrupt our health services and computer systems, steal data, and demand a ransom for its return.
We have been given a copy of the evidence Gardaí have found of which data has been illegally accessed and copied. This follows a Garda investigation which involved other international police forces.
We are now examining all the affected information. We expect it includes a mix of medical information, personal data, financial information, HSE corporate information, commercial data and general non-personal administrative data.
Personal data means information about individuals, such as names, addresses, contact phone numbers and email addresses. Medical information would include medical records, notes and treatment histories.
What happens next
We have updated the Data Protection Commission. We will work with them to make sure that we contact everyone who needs to be informed when we have reviewed all the information that was illegally accessed and copied.
This will take time as we need to:
- look at all the data that has been illegally accessed and copied
- make sure that we are contacting the right people
You do not need to contact us to ask if your information was illegally accessed and copied.
No evidence of scams related to the attack
Scams involving personal data are common. They can happen at any time.
There is also no evidence that any recently reported scams are linked to this cyber attack.
Read about protecting yourself from scams or attempted fraud
No evidence of data published online
We have no evidence that large amounts of patient or staff data has been published online or sold to criminals involved in fraud.
A small amount of HSE data appeared on the 'dark web', a part of the internet which can only be accessed using special programmes, immediately after the cyber attack. Action has been taken to assist the people affected by this.
What we are doing about the data
The HSE has a high court order to stop all personal and medical information that was illegally accessed and copied in this cyber attack from being published online.
We are working with digital publishers, search engines, social media networks and our legal team to make sure that any of this information is not shared online.
Specialists are also monitoring websites used by criminals to check for activity involving any of the information illegally accessed or copied.
If we are alerted to any of the information appearing online, we will contact the Data Protection Commission and take the necessary action to protect anyone affected.
