If you received a letter about the cyber-attack on the HSE

We are writing to around 90,000 people whose personal information was illegally accessed and copied during the cyber-attack on the HSE.

No evidence of scams or information online

We have no evidence that any of the illegally accessed information has been used in criminal scams or fraud.

A small amount of information appeared on the 'dark web' in May 2021 and was later taken down. The dark web is a part of the internet you can only get to using special computer programs.

After more than 2 years of investigation and careful online monitoring, we have no evidence that any other information has been published online.

What this means for you

If you have received a letter from us about the cyber-attack, this means that part of your personal information was illegally accessed and copied. Your letter will tell you what kind of information was accessed about you.

For most people, only a limited amount of information relating to them was illegally accessed and copied. But there is a chance this information could be misused or published online.

We want to make you aware that this has happened so that you can take steps to reduce any risk to you.

The HSE has a legal measure in place to stop anyone using any of the illegally accessed information or sharing it online.

High Court injunction restricting any sharing, processing, selling or publishing of illegally accessed information (PDF, 4 pages, 460KB)

Protect yourself from scams or attempted fraud

Personal, medical and financial information

The information accessed in the attack includes:

• financial information
• medical information
• personal information, such as names, addresses and contact details

Different people had different kinds of information accessed and copied. Your letter will tell you what kind of information was accessed about you.

Less than 1,000 people being notified had a limited amount of financial information accessed and copied. This mainly relates to HSE employees or former HSE employees.

Request copies of the information that relates to you

Advice for HSE staff who receive a letter about the cyber-attack

Risk of criminal scams and fraud

We have no evidence that any information has been used in criminal scams or fraud.

But scams and attempted fraud are very common. They can happen at any time. Some of the most common types of scams involve the use of fake emails, calls or texts pretending to be from real companies.

It is unlikely that criminals can use any financial information from this attack to steal money from you. But they may use your details to contact you and try to trick you into giving them other information, such as your passwords. This is known as 'phishing', 'vishing' or 'smishing'.

Contact your local Garda station if you are approached by anyone who has:

• used your information for fraud or other criminal purposes
• is threatening to use your information for fraud or other criminal purposes

If you believe you are a victim of a cyber-crime, take screenshots of texts, emails or any other communication from the suspected criminals.

The HSE is continually monitoring the web and the 'dark web' to see if any of the illegally accessed information has been published online.

Protect yourself from scams or attempted fraud

What you can do next

You do not need to do anything.

But if you want, you can request a copy of the documents accessed and copied that relate to you.

Request a copy of your personal information accessed in the cyber-attack

If you want to speak to someone, you can also contact HSE Live.

If you are concerned about your banking information

If you are concerned about your bank account details, contact your bank.

They will take any action needed to protect you.