Ireland Gov ‘aware of risk’ of stolen HSE data being published online

The Government has said it is “aware of the risk” that personal data stolen from the HSE in a cyberattack may be published online.

There have been multiple reports that the criminal gang behind the ransomware attack intends to publish the data online on Monday.

On Sunday, the Government issued fresh advice to people who may become victims of fraud as a result of their data being exposed.

People are advised to be cautious of criminals taking advantage of fears around the HSE attack by contacting them to attempt to obtain information or payments.

The Government has urged the public to report any such attempts to gardai.

Minister Simon Harris said: “If you are contacted by anybody asking for your bank details, please know the state will never contact you asking for your bank details over the telephone or by email.

“And in my experience, the state will never contact you offering to pay you back money either.”

Mr Harris used the example of someone who had recently been for an X-ray being contacted by a person alleging to be from a hospital, claiming they are owed money for the procedure, and asking for bank details.

“Under no circumstances do that. Terminate the phone call, don’t reply to the email, and please contact your local Garda station,” he said.

He said it was vital that the public report such incidents to the gardai, to protect themselves and so that information on the criminals responsible can be passed on to international policing.

“This is a crime, and we want to be able to pass on as much information as possible to police forces around the world,” he told RTE’s The Week In Politics.

“Any contact in any way suspicious at all, please contact the gardai.”

There is, sadly, a real risk of patients’ data being abused in this way

He called on the public to have a “heightened sense of awareness” and to discuss the issue with family and friends.

Meanwhile, the Opposition have continued to raise questions about Ireland’s preparedness for the attack.

Labour TD Duncan Smith said representatives from the National Cyber Security Centre (NCSC) had failed to “answer basic questions” at a private meeting of the Communications Committee last week.

He said: “It was a pretty bizarre meeting. The representative from the NCSC didn’t answer very basic questions in relation to resourcing and the lead-up to this attack.

“We didn’t push too much on this current attack because it’s an ongoing issue.

“But just in relation to how prepared the NCSC was, we were not comforted by how that meeting went.

“There are huge questions that will need to be answered after this.”

The theft and disclosure of medical data would be a particularly despicable crime because it involves sensitive, personal information

In a statement on Sunday, the Government said: “It is a common feature of these kinds of cyber-attacks that the perpetrators steal data.

“Work to identify the extent of any data taken from the HSE’s IT systems is ongoing as part of the process of repairing the systems.

“The theft and disclosure of medical data would be a particularly despicable crime because it involves sensitive, personal information. Any public release of this data would be illegal.

“There is, sadly, a real risk of patients’ data being abused in this way.”

The statement added: “An Garda Siochana are continuing in conjunction with national and international partners to pursue the investigation of this crime.

“The Government urges anyone who has reason to suspect they are victims of this cyber-attack to make a report at their local Garda Station or through the Garda Confidential line.”

The line is open 24 hours a day, seven days a week on 1800 666 111.

The ransomware attack has resulted in the HSE having to close down all its IT services, causing widespread delays and the cancellation of appointments at hospitals across the country.