NHS board warns patients of further data leak after cyber attack

Cybercriminal gang INC Ransom previously released a 'proof pack' of clinical data from NHS Dumfries and Galloway.

NHS board warns patients of further data leak two weeks after cyber attack iStock

An NHS board has warned patients that further personal information could be leaked by cyber criminals who stole medical data in a major cyber attack.

A large amount of confidential data was taken from NHS Dumfries and Galloway during a sustained hacking attack.

Last week, INC Ransom, an extortion operation, posted a message on its dark web blog, threatening to release three terabytes – which equates to 3,000 gigabytes – of stolen patient and staff data.

On March 27, NHS Dumfries and Galloway confirmed clinical data relating to a small number of patients had been published as a “proof pack” by the cybercrime.

The evidence of the leak allegedly included hospital reports, email conversations, clinical reports, document scans, and other sensitive information.

NHS Dumfries and Galloway chief executive Julie White has admitted there is a “risk of publication for further data” – and that everyone must remain “vigilant”.

She said: “We all must remain highly vigilant in the wake of what was a targeted and sustained cyber attack, and we are aware there is a risk of publication of further data.

“Everyone is advised to be alert for any attempts to access their data, or for approaches by anyone claiming to be in possession of either their personal data or NHS data – whether this approach comes by email, telephone, social media or some other means.

“In all instances, people are advised to take down details about the approach and contact Police Scotland by phoning 101.”

A Police Scotland spokesperson confirmed that enquiries into the incident remain ongoing at this time.

The latest cyber attack came after NHS Dumfries and Galloway confirmed it had been the target of a “focused and ongoing” strike from hackers on March 15.

In a statement the health board confirmed on March 19 that systems were running again as normal – but warned that there is a risk that the hackers have acquired a “significant amount of data”.

Mrs White added: “We are aware that the information held by the cyber criminals could include confidential, clinical patient information, and are advising people across our communities to be on their guard.

“We are also asking our staff to be aware of the range of data relating to individual staff members which is stored in different areas of our systems.

“Recognising that this is a live criminal matter, we continue to follow the very clear guidance being provided to us by national law enforcement agencies.”

STV News is now on WhatsApp

Get all the latest news from around the country

Follow STV News
Follow STV News on WhatsApp

Scan the QR code on your mobile device for all the latest news from around the country

WhatsApp channel QR Code