Southern Star Ltd. logo

HSE is blasted for revealing hacked info – 20 months on

February 17th, 2023 11:45 AM

By Kieran O'Mahony

HSE is blasted for revealing hacked info – 20 months on Image
One of the letters sent to a West Cork client of the HSE.

Share this article

THE HSE sent out letters in recent weeks to West Cork residents to inform them that some of their personal information was illegally accessed and copied during the cyber-attack on the HSE almost two years ago.

Sen Tim Lombard told The Southern Star that he has spoken to some people who received this notification in the post on Monday (January 30th) and who are naturally upset and worried to hear that their personal information has been accessed.

‘This letter is arriving 20 months after the cyber attack and has come as a complete shock to people. 

‘There should have been a campaign in advance to prepare people and reassure them,’ said Sen Lombard.

‘We were all well aware of the HSE cyber attack in May 2021 and the impact it had on the health service and the public at the time. The notifications received by people this week has come out of the blue with no advance warning.’

In one letter seen by The Southern Star, the HSE said: ‘We are very sorry that this has occurred’ and that since they became aware of the attack they have been doing everything they can to limit the effects of the attack and to reduce any risk to the patient and others.

The person was told that some of their personal information illegally accessed and copied include their name, patient number, date of birth, phone number and that the information came from Covid-19 vaccine lists.

‘We have no evidence that your personal information has been published online or that your personal information has been misused. 

‘There is also no evidence of any scams linked to this cyber-attack,’ the letter stated.

It also said that is possible that the cyber-attack might mean that the person may receive unexpected or wanted calls or texts.

Sen Lombard said that this has been ‘poorly handed’ and has ‘caused huge anxiety.’

‘We need a statement from the Minister of Health and a campaign from the HSE to inform the public of the impact, what actions need to be taken and to offer reassurance and rebuild confidence. The HSE need to also put in place a team to follow up and contact those people affected.’

A HSE spokesperson said that last November they began to notify approximately 113,000 people by letter in a phased way to tell them some of their personal data was illegally accessed and copied as part  of the cyber-attack.

‘This programme is taking several weeks due to the numbers of people involved. We sincerely regret the impact that this cyber-attack has had on our health service, our patients and our teams nationwide. 

‘We have taken a thorough approach in responding, from the initial response, to the lengthy period of data review, and now the notification process.’

Tags used in this article

Share this article