NHS Scotland confirms ransomware attackers leaked patients’ data

2024-03-28 12:21

NHS Dumfries and Galloway has confirmed that a "Recognised ransomware group" was able to "Access a significant amount of data including patient and staff-identifiable information," and has published "Clinical data relating to a small number of patients."

"NHS DG still holds the original files and they have not been altered or deleted. Some information has been copied and leaked. NHS DG will contact everyone whose information is known to have been leaked. We are still investigating how much information has been stolen. Unfortunately we cannot yet rule out that more information will be leaked in the future," the board said.

On March 15, 2024, it suffered a cyber attack and let patients know that the attackers likely made off with patient-identifiable and staff-identifiable data.

"We absolutely deplore the release of confidential patient data as part of this criminal act. We are continuing to work with Police Scotland, the National Cyber Security Centre, the Scottish Government, and other agencies in response to this developing situation," NHS Dumfries and Galloway Chief Executive Jeff Ace said.

"As part of this response, we will be making contact with any patients whose data has been leaked at this point, and continue working to limit any sharing of this information. NHS Dumfries and Galloway is very acutely aware of the potential impact of this development on the patients whose data has been published, and the general anxiety which might result within our patient population."

According to the Scottish Government, the ransomware attack hasn't spread to the rest of NHS Scotland.

News URL

https://www.helpnetsecurity.com/2024/03/28/nhs-scotland-ransomware/

#leaked #NHS #ransomware #scotland