If you received a letter about the cyber-attack on the HSE

We are writing to around 113,000 people whose personal information was illegally accessed and copied during the cyber-attack on the HSE.

We hope to write to everyone that needs to be notified by April 2023.

Information:

If you do not get a letter from us about the cyber-attack, you do not need to do anything.

No evidence of scams or information online

We have no evidence that any of the illegally accessed information has been used in criminal scams or fraud.

A small amount of information appeared on the 'dark web' in May 2021 and was later taken down. The dark web is a part of the internet you can only get to using special computer programs.

After more than 18 months of investigation and careful online monitoring, we have no evidence that any other information has been published online.

What this means for you

If you have received a letter from us about the cyber-attack, this means that part of your personal information was illegally accessed and copied. Your letter will tell you what kind of information was accessed about you.

For most people, only a limited amount of information relating to them was illegally accessed and copied. But there is a chance this information could be misused or published online.

We want to make you aware that this has happened so that you can take steps to reduce any risk to you.

The HSE has a legal measure in place to stop anyone using any of the illegally accessed information or sharing it online.

High Court injunction restricting any sharing, processing, selling or publishing of illegally accessed information (PDF, 4 pages, 460KB)

Protect yourself from scams or attempted fraud

Personal, medical and financial information

The information accessed in the attack includes:

  • financial information
  • medical information
  • personal information, such as names, addresses and contact details

Different people had different kinds of information accessed and copied. Your letter will tell you what kind of information was accessed about you.

Less than 1,000 people being notified had a limited amount of financial information accessed and copied. This mainly relates to HSE employees or former HSE employees.

Request copies of the information that relates to you

Advice for HSE staff who receive a letter about the cyber-attack

Financial information - what we mean

Financial information may include:

  • bank account numbers
  • IBAN
  • sort code
Personal information - what we mean

Personal information means information about you such as your:

  • name
  • address
  • phone number
  • email address
  • PPS number
  • employee number, if you are HSE staff
Medical information - what we mean

Medical information may include:

  • medical notes
  • treatment histories
  • patient number

Risk of criminal scams and fraud

We have no evidence that any information has been used in criminal scams or fraud.

But scams and attempted fraud are very common. They can happen at any time. Some of the most common types of scams involve the use of fake emails, calls or texts pretending to be from real companies.

It is unlikely that criminals can use any financial information from this attack to steal money from you. But they may use your details to contact you and try to trick you into giving them other information, such as your passwords. This is known as 'phishing', 'vishing' or 'smishing'.

Contact your local Garda station if you are approached by anyone who has:

  • used your information for fraud or other criminal purposes
  • is threatening to use your information for fraud or other criminal purposes

If you believe you are a victim of a cyber-crime, take screenshots of texts, emails or any other communication from the suspected criminals.

The HSE is continually monitoring the web and the 'dark web' to see if any of the illegally accessed information has been published online.

Protect yourself from scams or attempted fraud

What you can do next

You do not need to do anything.

But if you want to view the documents accessed and copied that relate to you, you can request a copy of these documents. You will be able to view and download them online.

Request a copy of your personal information accessed in the cyber-attack

If you want to speak to someone, you can also use the HSE data notifications service to request a phone call from us.

If you are concerned about your banking information

If you are concerned about your bank account details, contact your bank.

They will take any action needed to protect you.

Contact your bank

AIB

Phone: 0818 724 724 or 01 771 2424

Bank of Ireland

Phone: 1800 946 764 or 0567 757 007

Credit Union

Contact your individual Credit Union branch directly

EBS

Phone: 0818 654 322

KBC

Phone: 1800 92 93 44

Permanent TSB

Phone: 1800 687 687 or 01 669 5851

Page last reviewed: 29 November 2022