Support from readers like you keeps The Journal open.
You are visiting us because we have something you value. Independent, unbiased news that tells the truth. Advertising revenue goes some way to support our mission, but this year it has not been enough.
If you've seen value in our reporting, please contribute what you can, so we can continue to produce accurate and meaningful journalism. For everyone who needs it.
THE HSE’S EFFORTS to rebuild its cyber-attack destroyed systems are “gaining momentum”, Paul Reid has said.
The CEO of the organisation tweeted today that technicians were working to overcome the difficulties.
“We’re gaining momentum in rebuilding many of our healthcare systems. We’re conscious it will be some time yet before our patients & staff see the full benefits though & we’re still at high risk levels,” he explained.
We're gaining momentum in rebuilding many of our healthcare systems. We're conscious it will be some time yet before our patients & staff see the full benefits though & we're still at high risk levels. And today Dr Steevens Hospital is looking splendid in the sunshine! @HSELivepic.twitter.com/HC75ZQ8oCt
Speaking on RTE Radio Junior Minister for eGovernment and Public Procurement Ossian Smyth said that the technicians were ahead of schedule in their work.
“They’re making enormous progress and they’re further ahead than they expected to be” – on rebuilding the infrastructure,” he said.
Minister Smyth added that there was “no evidence” that any data had been deleted and said that they believe that no data on Tusla computers had been accessed by the hackers
Advertisement
“The outcome is going to be good and I think that the HSE is going to be a stronger and more resilient organisation after the attack,” he added.
Colm Henry, the HSE Chief Clinical Officer said on Raidió na Gaeltachta refused to criticise the standard of the HSE’s cyber defences.
“We must remember at all times that this attack was perpetrated by criminals who had no scruples about who they targeted and who suffered as a result of their criminality,” he said.
The HSE confirmed yesterday that data from at least 520 patients has appeared online.
Late week the Financial Times reported that it had seen screenshots and files proving that medical and personal information belonging to HSE patients had been shared online.
The HSE shut down its IT systems a fortnight ago after it became aware of a significant ransomware attack, with widespread disruption across the health service as a result.
The Financial Times story appeared to be the first confirmation of a data leak since the attack.
The Minister for Heath subsequently confirmed that the leak was genuine and the HSE has now said that it includes “sensitive patient data” and other documents.
“Recently a news publication wrote a story saying they had seen HSE data that had been illegally accessed. We informed the publication of the court order we obtained in relation to this matter last week and asked them to supply it to us, and they agreed,” the HSE said in a statement.
Readers like you are keeping these stories free for everyone...
A mix of advertising and supporting contributions helps keep paywalls away from valuable information like this article.
Over 5,000 readers like you have already stepped up and support us with a monthly payment or a once-off donation.
To embed this post, copy the code below on your site
Close
22 Comments
This is YOUR comments community. Stay civil, stay constructive, stay on topic.
Please familiarise yourself with our comments policy
here
before taking part.
I’m a little puzzled by some of the comments here. I’m not an IT security specialist, if there are those who are, by all means please make yourselves known, because in matters such as this only qualified opinions carry weight.
We know the HSE did ask for funding to upgrade their IT systems in the past and it was refused for various reasons, this was witnessed by ex HSE IT employees. It’s well documented they also have difficulty holding onto IT staff, who leave for better paying roles in the private sector.
So, the decisions which lead to where we are now were largely political, it would have been unpopular to fund an expensive IT upgrade, so everyone procrastinated, avoided any decision and did what we always do. They kicked the proverbial can down the road. This was also the case when it came to retaining highly trained, specialist IT staff, the HSE wouldn’t pay them what they were worth as it wouldn’t have been politically acceptable and, as we know, they left to better paying positions in the private sector.
So, here we are. The very people criticising what’s happened now are, in all likelihood, those who would have criticised the HSE had they spent the money upgrading their IT systems, had they increased their salaries for specialist IT staff. These are some of the people the politicians were afraid of when they made their decisions and they’re still blaming everyone else. We all share some responsibility.
@Arch Angel: I’m one of the people who would criticize what’s happened.. I’m an IT cyber specialist. I would not have criticized the HSE for spending market rates on specialist engineers who could have secured patient data by implementing a cyber defence on a par with private sector organisations. Where is the accountability? Political or technical. Where is the accountability. None. Instead blame those bad criminals who had the audacity to target a national health system? Really?
@AA: Well it’s a bit like leaving the window open and not blaming the burglars when you get burgled.
However your are correct in that there is no accountability in the public service. Externally it doesn’t appear to be a learning organisation. That comes from the top and it’s very hard to install in a large organisation. Especially one as litigious as this country.
As an IT security specialist you are well aware that if security or robustness is not built into the design at the start it’s very difficult and expensive to bolt it on afterwards. It’s hard to make a case when people think security spending means not delivering patient services.
The government’s record on delivery of IT systems doesn’t inspire confidence. Remember PPARS.
@Richard O’Clear: not going to change anything, consecutive governments have failed to invest in updating the computer systems. You can’t blame one guy. I’d rather they now invest properly in an upgrade , and not have to pay out huge sums to claims.. leaving us in a worse position than before unable to pay for updates. The Russian hackers are responsible.. sue them . Our HSE staff have gone above and beyond the call of duty this past 15 months.. while the majority of you all sat at home ..
@Jack Johnson: grammar isn’t actually bad, they just left out and added in a word or two words, done it myself plentyoftimes. I understood them so I don’t see the big deal.
@Brian Flavin: You appear to be suggesting that there were a significant number of XP systems within the HSE, do you have evidence of this or do you ‘just know’? While it’s certainly possible, it’s my understanding this would have been the exception rather than the rule.
With regard to your other suggestion that the HSE upgrade to Apple desktops, give me strength… Have you actually given this much thought? Any thought? Would they be any more secure? Possibly, however there is a misconception that Apple computers are immune from viruses and hackers somehow don’t target them. This is untrue. There’s also the cost, they would be substantially more expensive than Windows based systems, and would probably require additional Apple compatible software purchases. Then, most staff would be used to and trained on Windows so would required training on Apples. All told, the complete cost of migrating from a Windows based infrastructure to that of Apple would be several times more expensive at a time when such things are being very closely examined and questioned more than ever.
@Mike Kelly: They are better and safer. Yes more expensive but encrypted and hardware lasts for a decade or more. More standardization in manufacturing. Also no real training needed, they are intuitive and make sense when you start using them. I never thought I would like Apple but I will never go back.
@Amy Roddey: Good luck rolling out a new OS and application software to 100,000 people without real training. It’s usually what happens and then hilarity ensues in organisations as a result. Massive loss in productivity. Apple is not more inherently secure than Windows both require systems management to run properly and securely. Once you network computers they are vulnerable to attack. There’s a reason why Windows is dominant in the enterprise. It’s designed to work in that setting. Being able to use word on a Mac is not the same as managing thousands of systems that need to talk to eachother. I still have PTSD from having to work with Apple “servers”.
@The Irish Bull: There is plenty of us that agree, it’s absolutely obscene what this man is being paid and for can only be described as total incompetence. These bureaucrat salaries need to capped at a reasonable level.
Is it public record who applied for this position?.
He was on the Fingal County Council, he has very little credentials that were gained late on and his main achievements seem to be that of a bureaucrat who helped negotiate pay cuts, irony abounds.
He worked in the Public Expenditure and Reform department and was then given this job by the Public Appointment Service which smacks of in house & political pal corruption.
For some perspective Simon Stevens starting salary when he took over the NHS was £189,900 an organisation many many times the size of the HSE.
Started in the Rotunda, who have no firewall as its IT security is not funded by the HSE. Wanted to spend their money on healthcare as youd expect. Fundamental problem with the HSE as all linked on to the same system. Fault lies squarely with the health minister and the make up of health care in Ireland
Israel due to begin another 10-hour military 'pause' in Gaza as UN pushes for two-state talks
Updated
5 hrs ago
3.8k
Courts
Man who sexually abused girl during sleepovers with one of his children jailed for six years
2 mins ago
3
Listeria
Various branded spinach and mixed leaves recalled due to detection of listeria
Updated
19 hrs ago
82.7k
Your Cookies. Your Choice.
Cookies help provide our news service while also enabling the advertising needed to fund this work.
We categorise cookies as Necessary, Performance (used to analyse the site performance) and Targeting (used to target advertising which helps us keep this service free).
We and our 214 partners store and access personal data, like browsing data or unique identifiers, on your device. Selecting Accept All enables tracking technologies to support the purposes shown under we and our partners process data to provide. If trackers are disabled, some content and ads you see may not be as relevant to you. You can resurface this menu to change your choices or withdraw consent at any time by clicking the Cookie Preferences link on the bottom of the webpage . Your choices will have effect within our Website. For more details, refer to our Privacy Policy.
We and our vendors process data for the following purposes:
Use precise geolocation data. Actively scan device characteristics for identification. Store and/or access information on a device. Personalised advertising and content, advertising and content measurement, audience research and services development.
Cookies Preference Centre
We process your data to deliver content or advertisements and measure the delivery of such content or advertisements to extract insights about our website. We share this information with our partners on the basis of consent. You may exercise your right to consent, based on a specific purpose below or at a partner level in the link under each purpose. Some vendors may process your data based on their legitimate interests, which does not require your consent. You cannot object to tracking technologies placed to ensure security, prevent fraud, fix errors, or deliver and present advertising and content, and precise geolocation data and active scanning of device characteristics for identification may be used to support this purpose. This exception does not apply to targeted advertising. These choices will be signaled to our vendors participating in the Transparency and Consent Framework. The choices you make regarding the purposes and vendors listed in this notice are saved and stored locally on your device for a maximum duration of 1 year.
Manage Consent Preferences
Necessary Cookies
Always Active
These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work.
Social Media Cookies
These cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.
Targeting Cookies
These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.
Functional Cookies
These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then these services may not function properly.
Performance Cookies
These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not be able to monitor our performance.
Store and/or access information on a device 149 partners can use this purpose
Cookies, device or similar online identifiers (e.g. login-based identifiers, randomly assigned identifiers, network based identifiers) together with other information (e.g. browser type and information, language, screen size, supported technologies etc.) can be stored or read on your device to recognise it each time it connects to an app or to a website, for one or several of the purposes presented here.
Personalised advertising and content, advertising and content measurement, audience research and services development 195 partners can use this purpose
Use limited data to select advertising 158 partners can use this purpose
Advertising presented to you on this service can be based on limited data, such as the website or app you are using, your non-precise location, your device type or which content you are (or have been) interacting with (for example, to limit the number of times an ad is presented to you).
Create profiles for personalised advertising 119 partners can use this purpose
Information about your activity on this service (such as forms you submit, content you look at) can be stored and combined with other information about you (for example, information from your previous activity on this service and other websites or apps) or similar users. This is then used to build or improve a profile about you (that might include possible interests and personal aspects). Your profile can be used (also later) to present advertising that appears more relevant based on your possible interests by this and other entities.
Use profiles to select personalised advertising 120 partners can use this purpose
Advertising presented to you on this service can be based on your advertising profiles, which can reflect your activity on this service or other websites or apps (like the forms you submit, content you look at), possible interests and personal aspects.
Create profiles to personalise content 51 partners can use this purpose
Information about your activity on this service (for instance, forms you submit, non-advertising content you look at) can be stored and combined with other information about you (such as your previous activity on this service or other websites or apps) or similar users. This is then used to build or improve a profile about you (which might for example include possible interests and personal aspects). Your profile can be used (also later) to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests.
Use profiles to select personalised content 48 partners can use this purpose
Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services (for instance, the forms you submit, content you look at), possible interests and personal aspects. This can for example be used to adapt the order in which content is shown to you, so that it is even easier for you to find (non-advertising) content that matches your interests.
Measure advertising performance 177 partners can use this purpose
Information regarding which advertising is presented to you and how you interact with it can be used to determine how well an advert has worked for you or other users and whether the goals of the advertising were reached. For instance, whether you saw an ad, whether you clicked on it, whether it led you to buy a product or visit a website, etc. This is very helpful to understand the relevance of advertising campaigns.
Measure content performance 78 partners can use this purpose
Information regarding which content is presented to you and how you interact with it can be used to determine whether the (non-advertising) content e.g. reached its intended audience and matched your interests. For instance, whether you read an article, watch a video, listen to a podcast or look at a product description, how long you spent on this service and the web pages you visit etc. This is very helpful to understand the relevance of (non-advertising) content that is shown to you.
Understand audiences through statistics or combinations of data from different sources 111 partners can use this purpose
Reports can be generated based on the combination of data sets (like user profiles, statistics, market research, analytics data) regarding your interactions and those of other users with advertising or (non-advertising) content to identify common characteristics (for instance, to determine which target audiences are more receptive to an ad campaign or to certain contents).
Develop and improve services 116 partners can use this purpose
Information about your activity on this service, such as your interaction with ads or content, can be very helpful to improve products and services and to build new products and services based on user interactions, the type of audience, etc. This specific purpose does not include the development or improvement of user profiles and identifiers.
Use limited data to select content 51 partners can use this purpose
Content presented to you on this service can be based on limited data, such as the website or app you are using, your non-precise location, your device type, or which content you are (or have been) interacting with (for example, to limit the number of times a video or an article is presented to you).
Use precise geolocation data 65 partners can use this special feature
With your acceptance, your precise location (within a radius of less than 500 metres) may be used in support of the purposes explained in this notice.
Actively scan device characteristics for identification 36 partners can use this special feature
With your acceptance, certain characteristics specific to your device might be requested and used to distinguish it from other devices (such as the installed fonts or plugins, the resolution of your screen) in support of the purposes explained in this notice.
Ensure security, prevent and detect fraud, and fix errors 122 partners can use this special purpose
Always Active
Your data can be used to monitor for and prevent unusual and possibly fraudulent activity (for example, regarding advertising, ad clicks by bots), and ensure systems and processes work properly and securely. It can also be used to correct any problems you, the publisher or the advertiser may encounter in the delivery of content and ads and in your interaction with them.
Deliver and present advertising and content 126 partners can use this special purpose
Always Active
Certain information (like an IP address or device capabilities) is used to ensure the technical compatibility of the content or advertising, and to facilitate the transmission of the content or ad to your device.
Match and combine data from other data sources 94 partners can use this feature
Always Active
Information about your activity on this service may be matched and combined with other information relating to you and originating from various sources (for instance your activity on a separate online service, your use of a loyalty card in-store, or your answers to a survey), in support of the purposes explained in this notice.
Link different devices 67 partners can use this feature
Always Active
In support of the purposes explained in this notice, your device might be considered as likely linked to other devices that belong to you or your household (for instance because you are logged in to the same service on both your phone and your computer, or because you may use the same Internet connection on both devices).
Identify devices based on information transmitted automatically 116 partners can use this feature
Always Active
Your device might be distinguished from other devices based on information it automatically sends when accessing the Internet (for instance, the IP address of your Internet connection or the type of browser you are using) in support of the purposes exposed in this notice.
Save and communicate privacy choices 103 partners can use this special purpose
Always Active
The choices you make regarding the purposes and entities listed in this notice are saved and made available to those entities in the form of digital signals (such as a string of characters). This is necessary in order to enable both this service and those entities to respect such choices.
have your say