Readers like you keep news free for everyone.

More than 5,000 readers have already pitched in to keep free access to The Journal.

For the price of one cup of coffee each week you can help keep paywalls away.

Support us today
Not now
Saturday 30 September 2023 Dublin: 11°C File image of Health Minister Stephen Donnelly.
# Cyber Attack
Initial results 'positive' in testing decryption tool to unlock data, Health Minister says
A decryption key was made available yesterday but Donnelly said “no ransom has been paid”.

THE HEALTH MINISTER has described as “positive” the initial results from testing the validity of a decryption key that may help the HSE to unlock its IT systems.

The government said yesterday that the tool was made available online. A “detailed technical process” then began to ensure that the key is genuine and will not cause any further damage to the HSE systems.

The HSE shut down its IT systems last Friday after it became aware of a significant ransomware attack.

Stephen Donnelly said security contractors are “testing the validity of the key” at the moment. 

“The initial results are positive, but obviously it’s a detailed, technical piece of work,” the Health Minister told RTÉ radio’s Morning Ireland. 

And we need to be absolutely sure that this will help restore the health systems, rather than potentially cause further harm. So work is ongoing on that at the moment.

The minister said it’s “unclear” why this decryption tool was made available. 

“It came as a surprise. We became aware yesterday afternoon that the key was being made available on a site which is linked to this criminal gang.

“Our technical group obviously then obtained that key, and are currently testing it.”

The Journal reported yesterday that the ransomware attack started when a single computer stopped working, causing its user to reach out for help by clicking on a link.

Donnelly said “no ransom has been paid by this government directly, indirectly, through any third-party or in any other way, nor will any such ransom be paid”. 

Reports said the hackers have threatened to release the data if a ransom is not paid by next Monday, a threat Donnelly said is being taken “very seriously”. 

“There obviously have been redacted pieces of information put up on the dark web to this point. Because it’s an ongoing criminal investigation, we can’t confirm whether the records are genuine.

“However, as people will be aware. It is entirely possible and this sort of approach is quite standard procedure in these kinds of attacks.”


Yesterday, the HSE acquired a court injunction that requires anyone who is possessing HSE data to hand it over and not disclose, trade or deal in the information.

Donnelly defended the injunction, saying officials received a “very positive and strong” result from the judge. 

“I don’t imagine that a criminal gang capable of doing what they did to our healthcare system and to patients in our country are going to be too worried about a court order, however it is relevant and very applicable to people here who may seek to share that information themselves, potentially just out of interest or for their own reasons,” he said. 

Donnelly added that there is “good progress being made” in restoring some health systems across services for radiology, local labs and patient administration. 

Your Voice
Readers Comments
This is YOUR comments community. Stay civil, stay constructive, stay on topic. Please familiarise yourself with our comments policy here before taking part.
Leave a Comment
    Submit a report
    Please help us understand how this comment violates our community guidelines.
    Thank you for the feedback
    Your feedback has been sent to our team for review.

    Leave a commentcancel