Scottish Health Service Patient Data Hacked & Stolen

Uploaded on 2024-03-25 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Health & Welfare

The Scottish  
NHS has been targeted in a "focused and ongoing" cyber attack that may have compromised patient data.
 

NHS services in Dumfries & Galloway have been the target of this focused and on-going cyber attack. 

NHS Scotland said it was working with Police Scotland, the National Cyber Security Centre and the Scottish government to handle the attack on IT systems.

Staff have been warned the digital criminals may have already accessed private details of both patients and staff.

Dumfries and Galloway is the southernmost region of Scotland, sharing a border with northwestern England. It has a population of just under 150,000 people, almost all of whom are likely to be users of the country’s universal National Health Service.

It warned that hackers could have acquired a "significant quantity" of patient and staff data.

The health board said there services could be disruption as a result of the hacking incident.

Cyber security agencies are investigating what data could have been accessed.

NHS Dumfries and Galloway said in a statement: "Breach of confidential data is an incredibly serious matter.

"We are encouraging everyone, staff and public, to be on their guard for any attempt to access their systems or approaches from anyone claiming to be in possession of data relating to them."

If data that could identify patients and staff has indeed been lost in the NHS Dumfries and Galloway attack, the region could find itself facing punitive action from the Information Commissioner's Office.

“Breach of confidential data is an incredibly serious matter. We are encouraging everyone, staff and public, to be on their guard for any attempt to access their systems or approaches from anyone claiming to be in possession of data relating to them,” says the NHS Dumfries and Galloway.

Patients or staff in such a situation have been urged to contact Police Scotland.

Police Scotland said its investigation into the incident was ongoing and the NCSC guidance is that ransoms should not be paid under any circumstances, especially in the public sector.

BBC     |     Computing     |     Yahoo     |     NHS     |     The Record     |     The Scottish Sun

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

« France Suffers Massive Data Breach
The Need For Cyber Security Education & Preparedness In The Moving Industry »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Lares Consulting

Lares Consulting

Lares is a security consulting firm that helps companies secure electronic, physical, intellectual, and financial assets through a unique blend of assessment, testing and coaching.

Adroit Technologies

Adroit Technologies

Adroit Technologies has been developing award winning real-time software for the industrial automation markets for over 25 years.

Zix

Zix

Zix offers secure email encryption, threat protection, archiving, DLP and BYOD security for hospitals, financial services, government, and more.

Dark Cubed

Dark Cubed

Dark Cubed is an easy-to-use cyber security software as a service (SaaS) platform that deploys instantly and delivers enterprise-grade threat identification and protection at a fraction of the cost.

macmon secure

macmon secure

macmon secure develops network security software, focussing on Network Access Control.

Standards Council of Canada (SCC)

Standards Council of Canada (SCC)

SCC leads and facilitates the development and use of national and international standards and accreditation services in Canada.

RCMP National Cybercrime Coordination Unit (NC3)

RCMP National Cybercrime Coordination Unit (NC3)

As set out in the Government of Canada's National Cyber Security Strategy, the RCMP has established the National Cybercrime Coordination Unit (NC3).

Tier1Asset (T1A)

Tier1Asset (T1A)

T1A is Europe’s leading IT refurbisher. We offer certified data erasure using blancco on site and at our facilities, providing environmentally sound disposal of your used equipment.

BlackhawkNest

BlackhawkNest

Blackhawk is the only cyber security solution on the market that combines network monitoring and incident response into a cohesive appliance.

West Midlands Cyber Resilience Centre (WMCRC)

West Midlands Cyber Resilience Centre (WMCRC)

The East Midlands Cyber Resilience Centre supports and helps protect SMEs and supply chain businesses and third sector organisations in the region against cyber crime.

NI Cyber Security Centre

NI Cyber Security Centre

NI Cyber Security Centre works to make Northern Ireland cyber safe, secure and resilient for its citizens and businesses.

Sekoia.io

Sekoia.io

Sekoia.io is a European cybersecurity company whose mission is to develop the best protection capabilities against cyber-attacks.

Cyrex

Cyrex

Cyrex is a Web3 security and development company. Our mastery over decentralized applications, smart contracts and blockchain will keep you secure across Web3.

Excite Cyber

Excite Cyber

Excite Technology Services (formerly Cipherpoint) is focused on improving the security posture of our customers.

PDI Technologies

PDI Technologies

PDI Technologies helps convenience retail and petroleum wholesale businesses around the globe increase efficiency and profitability by securely connecting their data and operations.

XeneX

XeneX

XeneX Cloud Security Services address enterprise-class security challenges by enabling DevOps and Security teams to access a shared source of truth.