#Open journalism No news is bad news

Your contributions will help us continue to deliver the stories that are important to you

Support The Journal
Dublin: 9°C Wednesday 20 October 2021

HSE hack: Sensitive data from 520 patients leaked online

The HSE became the victim of a major ransomware attack a fortnight ago

Image: Shutterstock/Alexander Geiger

THE HSE HAS confirmed that data from at least 520 patients has appeared online.

Late week the Financial Times reported that it had seen screenshots and files proving that medical and personal information belonging to HSE patients had been shared online. 

The HSE shut down its IT systems a fortnight ago after it became aware of a significant ransomware attack, with widespread disruption across the health service as a result. 

The Financial Times story appeared to be the first confirmation of a data leak since the attack.

The Minister for Heath subsequently confirmed that the leak was genuine and the HSE has now said that it includes “sensitive patient data” and other documents.  

“Recently a news publication wrote a story saying they had seen HSE data that had been illegally accessed. We informed the publication of the court order we obtained in relation to this matter last week and asked them to supply it to us, and they agreed,” the HSE said in a statement. 

We have examined it and can confirm it is HSE data relating to approx 520 patients, as well as some corporate documents. The data includes sensitive patient data, minutes of meetings and correspondence with patients.The HSE’s Data Protection Office has followed the appropriate procedures, including notifying the relevant health service providers and the Data Protection Commission.

The process of notifying the patients involved has commenced. This will involve some further analysis of the data, and we will do this as quickly as possible.

#Open journalism No news is bad news Support The Journal

Your contributions will help us continue to deliver the stories that are important to you

Support us now

“This data was the initial small tranche of data that was previously reported on, and we are not aware of any further attempted publication of our data. We apologise for the inconvenience caused to our patients and service users.”

An Garda Síochána is investigating the hack as a criminal matter and the HSE says it is working with with gardaí.

About the author:

Rónán Duffy

Read next:


This is YOUR comments community. Stay civil, stay constructive, stay on topic. Please familiarise yourself with our comments policy here before taking part.
write a comment

    Leave a commentcancel