No verification that data from HSE cyber attack has been leaked, says Donnelly

No Verification That Data From Hse Cyber Attack Has Been Leaked, Says Donnelly
Mr Donnelly said there were extensive backups and a lot of medical files had not been compromised. Postings of heavily-redacted material are being examined and gardaí are investigating the issue, he said. PA Wire/PA Images
Share this article

Digital Desk Staff, additional reporting by Vivienne Clarke

Updated at 15:27 

There has been no verification that real data potentially compromised during the recent cyberattack on the Health Service Executive (HSE) IT systems has been released, according to Minister for Health Stephen Donnelly.


As The Irish Times reports, the HSE is working with the National Cyber Security Centre and the gardaí along with technical and cybersecurity experts, said the Minister. The HSE network is being checked system by system, server by server, to see what had been compromised, he said.

Mr Donnelly said there were extensive backups and a lot of medical files had not been compromised. Postings of heavily-redacted material are being examined and gardaí are investigating the issue, he said.

“We have no verification that what has been posted is real data. We are awaiting details to know if sensitive information has been released.”

Speaking on RTÉ Radio’s News at One, Mr Donnelly called last week’s cyberattack “an attack on the Irish people, the health system and patients and their families”.


IT systems

It comes as earlier it was reported that none of the HSE's IT systems are back online yet following a major cyberattack on the health service last week.

As a precaution, all HSE IT systems were shut down on Friday when the attack was detected. Investigations are ongoing, and the systems have remained offline until they can be re-established in a safe manner.

Speaking to Newstalk, HSE chief operations officer Anne O'Connor said restoring the IT systems is a huge challenge and health services around the country will continue to experience disruptions as a result.

Ms O'Connor added they are prioritising work to get the patient information and radiology systems back online, but added: "It will be some time before they come back".


The HSE's chief clinical officer Dr Colm Henry said contingency plans are in place for HSE staff to be paid this week, but echoed Ms O'Connor's remarks that the main focus was on key diagnostic services.

Anyone with a hospital appointment in the coming days is asked to check the HSE's dedicated webpage, offering updates on cancellations and disruptions to health services on a county-by-county basis.

Patient data

Earlier, the former chief information officer of the HSE, Richard Corbridge, who led the health service’s response to the last cyberattack in 2017, said there is “a real and present risk” that patients’ data could be released.

Mr Corbridge told RTÉ radio’s Morning Ireland last week's attack might not have been specifically targeted at the HSE, and it could have been part of a wider probe of health systems across Europe to see where vulnerabilities lay.


It was not necessarily the case that the HSE’s IT systems were operating with a weakness, he added, as this situation had not been prepared for. It was a 'zero-day' attack, meaning there was no known previous experience of it.

This was a challenge not just faced by the HSE, but by health systems everywhere trying to keep simple IT systems up to date while operating high tech diagnostic equipment, Mr Corbridge said.

He added he did not know how much data had been taken as part of the attack, but it was now in the hands of the attackers and there was a real and present risk the data of patients would be “exposed.”

Cabinet meeting

HSE cyber attack: Stolen patient data could be abu...
Read More

Cabinet is due to meet today, during which all Ministers will be briefed in relation the cyberattack and its ongoing impact.


The Irish Times reports there are fears within the Government that patient data may be "abused" by the people responsible for the attack, however, no ransom will be paid in line with State policy.

Cybersecurity experts are now monitoring the dark web for data harvested during the attack as it is thought the group responsible may either sell the data, or publish it online if they do not receive the ransom payment.

On Monday, Taoiseach Micheál Martin, Tánaiste Leo Varadkar, Minister for Transport Eamon Ryan, Minister for Health Stephen Donnelly, Minister for Justice Heather Humphreys and HSE chief executive Paul Reid were briefed by the National Cyber Security Centre (NCSC) on the matter ahead of the full meeting of Cabinet today.

Read More

Message submitting... Thank you for waiting.

Want us to email you top stories each lunch time?

Download our Apps
© 2024, developed by Square1 and powered by