NHS Dumfries and Galloway is working with the National Cyber Security Center (NCSC) following the publication of around three terabytes of stolen patient data on the dark web by a ransomware group.
The health board confirmed in an update on its websitepublished on May 6, 2024, indicates that the Inc Ransom ransomware group has followed through on its threats to publish a large volume of stolen data on the dark web.
Next to a “targeted and continuous” cyberattack announced by NHS Dumfries and Galloway on 5 March 2024, it was confirmed on 27 March 2024 that data relating to a small number of patients had been published by Inc Ransom and the group claimed to be in possession of 3TB of data from NHS Scotland.
Julie White, chief executive of NHS Dumfries and Galloway, said: “This is a truly despicable criminal act committed by cybercriminals who had threatened to release more data.”
She also confirmed that work was underway with partner agencies to assess the published data.
In another statementpublished on May 10, 2024, NHS Dumfries and Galloway said it did not contact people whose data was published online, because “identifying the data that has been collected, combing through it to find identifiable individuals and then collating all their data is a difficult task.” massive undertaking.”
The health board confirmed that cybercriminals accessed “millions of very small pieces of discrete data” housed in a series of separate directories, including individual letters from a consultant to a patient, letters from a consultant to a other consultant, test results and x-rays.
However, he said cybercriminals did not access the primary records system for patient health information, which contains people's entire medical history, because they are on a separate system to which they do not have not accessed.
“While progress is being made, this is why NHS Dumfries and Galloway has had to prioritize this work – doing so based on 'high risk' data which often relates to particularly vulnerable people.” , he adds.
An NCSC spokesperson told Digital Health News that they are “working with NHS Dumfries and Galloway to fully understand the impact of the incident”.
Dr. Saif Abed, Founding Partner and Director of Cybersecurity Consulting Services at The AbedGraham Group told Digital Health News that he believed NHS organizations continued to struggle with cybersecurity largely “because of the lack of cyber resilience of many IT providers who operate within the NHS”.
“If we don't address supply chain risks, the threat to patient data will only grow,” he said.
“I also continue to be concerned that the impact of cyberattacks on patient safety, such as ransomware, is not fully understood or appreciated and that the threat of catastrophic consequences will only increase as digital transformation continues to expand. “accelerate without appropriate safeguards,” added Dr. Abed.
The cyberattack is the subject of a live criminal investigation and is “regarded by investigators as specialist knowledge”, NHS Dumfries and Galloway said on its website.