Hackers are expected to have accessed patient data as part of the HSE ransomware attack, and may now publish it online, a Government Minister has said.
While there is not yet definitive evidence of patient information being compromised, with the HSE on Sunday saying it was still too early to determine if it had happened, Minister of State for Communications Ossian Smyth told The Irish Times: “I expect it has [been accessed] and it wouldn’t surprise me if it was published at some point in the future.”
Mr Smyth stressed, however, the HSE did not centrally store significant amounts of clinical patient data, with much of the information held being administrative rather than related to procedures and conditions.
He said accessing such patient files would be “the first thing [hackers] would do before trying to encrypt data or delete backups”, and that usually such information was sold on and later released either by the hackers or other parties.
Similar attacks, such as one on the Scottish Environment Protection Agency last year saw information published online after ransoms went unpaid, but Mr Smyth said he believed data was regularly posted whether such sums were paid or not.
The Garda and National Cyber Security Centre is liaising with Europol on the nature of the ransomware used. Mr Smyth said early indications were that a second attack, on the Department of Health, suspected to be carried out by the same criminal organisation, was not as serious as the HSE hack.
He also said early work done by departments and agencies did not yet indicate the presence of similar ransomware on their systems. Garda sources believe the attacks were by organised criminals, rather than a foreign state.