Data belonging to people applying for health service jobs have been hacked, in the latest cyber-attack to hit the Health Service Executive.
The HSE said information relating to “no more than” 20 people involved in recruitment processes has been illegally accessed, according to a preliminary analysis, and its exposure is “quite low”.
“The HSE became aware on Thursday evening that an external partner (EY) working with us on a project to automate part of our recruitment process was alerted to a cyber-attack on the technology product MoveIT which they were using to support this work,” a spokesman said. “This attack was criminal in nature and international in scale.”
He said HSE teams together with EY have worked closely over the last number of hours to determine the impact on its data.
Where are Ireland’s ‘sitting ducks’ - the places most vulnerable to extreme weather?
Is Currys in line for the worst customer care story of 2025?
Five of the best family friendly hiking trails around Ireland: From easy to demanding
A man’s guide to looking sharp at summer weddings, from elegant tuxedos to casual linen
“This analysis has determined that is it likely that information relating to no more than 20 individuals involved in recruitment processes was accessed. The data on these recruitment panels is comprised of names, addresses, mobile number, place on the panel and more general information on the posts being recruited.
“Importantly no other personal identification data or financial data is included.”
“The HSE is in contact with relevant authorities and is informing the Data Protection Commission. Contact will be made shortly with those individuals whose data was accessed.”
In 2021, the personal data of 100,000 people was accessed in a cyberattack in the HSE’s IT systems. The cyberattack led to months-long disruption across the health services and has cost the HSE €90 million so far to remedy. Up to 100 people whose data was accessed are suing for damages.
