Hackers who attacked the HSE IT system and planted a ransomware note on it, cut off contact by the second week in June, the High Court heard on Thursday.
Mr Justice Senan Allen was told it is believed the link through which the hackers communicated was disabled and they had “deliberately locked themselves out”.
The hackers in their ransomware note last May had stated they could be contacted via an electronic link provided.
But a copy of the order of the High Court by Mr Justice Kevin Cross last month against “persons unknown” responsible for the hacking on May 14th preventing them from selling, processing, publishing, sharing or making available to any member of the public, the stolen HSE data, which included private medical data of HSE patients, was successfully uploaded on to the hackers IT link.
Orders restraining
The orders also restrain possession, transfer or disclosure of the information obtained from the HSE’s system without the HSE’s consent and require the “persons unknown” to identify themselves by providing names, postal addresses and email addresses.
The orders were sought in intended proceedings by the HSE which include claims for damages for breach of confidential information, fraud and deceit, conspiracy and conversion of the data which is believed to have been accessed by hackers based in Russia.
The intended defendants had 42 days to enter an appearance to the proceedings, after which the matter would return before the court.
When the matter came back before the High Court on Thursday Jonathan Newman SC said those who hacked into the HSE system declined to identify themselves and their names are not known.
“Communication has been cut off ,’ he told the court.
Locked out
The court heard after the order was made by Mr Justice Cross last May a copy was successfully served and uploaded to the link but on June 11th the link was no longer accepting uploads. Attempts were made the next day, but it is believed that the link was disabled.
The link, Counsel said, was the only way of communicating with the hackers. He said the defendants in the case “persons unknown” had deliberately cut themselves off and it was not possible to serve a notice of motion on them relation to the case coming back before the court.
He said the defendants had “deliberately locked themselves out.” “They have excluded themselves from being further communicated with,’ he added.
Ruling to keep the May order in place, Mr Justice Allen said the order of Judge Cross had been uploaded on to the link provided by the hackers and because the link was later shut down they were not on notice of the application before the court.
While the court would ordinarily be extremely reluctant to do anything when notice is not given, the judge said however this case was different.
The judge said he was satisfied the May order is valuable and ought to continue notwithstanding the hackers non-compliance.
“They know from the order served they can apply to the court for a discharge of the order. The order of Judge Cross will continue," Mr Justice Allen said and he adjourned the interlocutory motion generally with costs reserved on the matter.
