NHS Dumfries and Galloway health authorities have warned that confidential patient data from its systems had been accessed and copied by cybercriminals in February before being published online in early May. The cybercriminals attempted to force the health authorities of the Scottish region to cede to their demands, sharing sensitive details online after failing to extort money.

NHS Dumfries and Galloway Breach

NHS Dumfries and Galloway’s computer systems were breached by hackers in February 2024. The threat actors had accessed and copied confidential patient data including X-rays, test results and communications between health care providers and patients. However, the stolen data had not been deleted or altered on NHS systems and patient care has not been impacted. [caption id="attachment_77683" align="alignnone" width="1084"] Source: nhsdg.co.uk[/caption] On May 6, the criminals made good on threats to publish the data online after NHS Dumfries and Galloway did not meet undisclosed demands. The leaked data includes millions of small, individual files on NHS patients. Authorities said they are prioritizing notifications to vulnerable patient groups that may be at higher risk due to the breach. The NHS Dumfries and Galloway has been working alongside national agencies like Police Scotland, The National Crime Agency, The National Cyber Security Centre and The Scottish Government for advice and direction in investigating the incident. "On behalf of NHS Dumfries and Galloway, I would like to apologise for the anxiety which may have been caused to you due to this situation. We have sought to be as open as possible while adhering to the very explicit guidance we have received from Police Scotland and partner agencies," stated Julie White, Chief Executive of NHS Dumfries and Galloway.

Risks and Recommendations

The Chief Executive of NHS Dumfries and Galloway stated that patients should assume some personal data was likely copied and published. The health authority identified potential risks including identity theft, extortion attempts and anxiety stemming from the data breach. Patients are advised to remain vigilant. NHS recommends patients refrain from opening suspicious emails, clicking unknown links or providing personal information over the phone to unverified parties. Suspicious communications should be reported to Police Scotland immediately. The health authority also advises patients to frequently update passwords and to make them as strong as possible. A helpline and website have been set up to provide information and support relating to the cyber attack. Psychological services are available for those experiencing anxiety regarding stolen personal data. The criminal investigation remains ongoing alongside technology partners to secure NHS systems against future attacks. Patients with additional questions can visit www.nhsdg.co.uk/cyberattack or call the helpline at 01387 216 777, open 9 a.m. to 6 p.m. weekdays and 9 a.m. to 1 p.m. Saturdays. Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.