NHS Dumfries and Galloway hit by “focused and ongoing” cyber attack

  • 18 March 2024
NHS Dumfries and Galloway hit by “focused and ongoing” cyber attack

NHS Dumfries and Galloway announced on Friday that it has been the target of a “focused and ongoing” cyber attack.

The health board said it was working with partner agencies including Police Scotland, the National Cyber Security Centre and the Scottish Government and that hackers could have acquired a “significant quantity” of patient and staff data. Disruptions to services may occur as a result of the situation, it added.

The statement on the organisation’s website also said: “Work is continuing together with cyber security agencies to investigate what data may have been accessed, but we have reason to believe that this could include patient-identifiable and staff-identifiable data.

“Breach of confidential data is an incredibly serious matter. We are encouraging everyone, staff and public, to be on their guard for any attempt to access their systems or approaches from anyone claiming to be in possession of data relating to them.”

Health secretary Neil Gray said the Scottish government is offering support to the board: “There are well established procedures for dealing with a situation of this kind.

“We are providing assistance and support to NHS Dumfries and Galloway as they handle this incident, and NHS NSS (National Services Scotland) is engaging with the rest of NHS Scotland and providing updates as necessary.”

Updates on the attack will be provided via a dedicated website, which can accessed here. There has been no update on the attack since the alert was first announced on Friday 15 March.

A spokesperson for the National Cyber Security Centre (NCSC) said: “We are working with law enforcement, NHS Scotland and the Scottish Government to fully understand the impact of an incident.”

The NCSC provides guidance and advice for individuals and families that have been affected by a data breach.

In reaction to this latest cyber attack, chief security strategist at Cylera, Richard Staynings, said: “Police Scotland and the NCSA will now be looking for malware or simple droppers that could be used to launch a more lucrative ransomware attack on NHS Dumfries and Galloway.

“It’s early days yet regarding the cyberattack on NHS Dumfries and Galloway so lots of things will still need to be investigated however, early accounts suggest this was a data exfiltration of Protected Health Information (PHI), and other data over the course of a persistent attack over months.

“While this is highly unfortunate, it’s a cyber attack that’s unlikely to be a direct risk to life unless this particular attack against confidentiality is accompanied by a systems availability attack or a data integrity attack.”

There have been a number of cyber attacks on the NHS in recent years. In June of last year, NHS details of more than one million patients were compromised in a ransomware attack on the University of Manchester.

Subscribe to our newsletter

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Sign up

Related News

Medway IT systems yet to be restored after cyber scare

Medway IT systems yet to be restored after cyber scare

The IT systems at Medway Community Healthcare have not yet been restored following a suspected cyber attack, Digital Health News has learned.
Digital Health Unplugged: 2024 Year in Review

Digital Health Unplugged: 2024 Year in Review

In the final Unplugged of the year, the Digital Health news team reflect on the biggest stories covered in 2024 and look ahead to 2025.
IT systems in Medway disconnected due to ‘suspicious activity’

IT systems in Medway disconnected due to ‘suspicious activity’

Medway Community Healthcare has disconnected its IT systems to “protect patient and staff data” after detecting some “suspicious activity”.