Data belonging to people applying for health service jobs have been hacked, in the latest cyber-attack to hit the Health Service Executive.
The HSE said information relating to “no more than” 20 people involved in recruitment processes has been illegally accessed, according to a preliminary analysis, and its exposure is “quite low”.
“The HSE became aware on Thursday evening that an external partner (EY) working with us on a project to automate part of our recruitment process was alerted to a cyber-attack on the technology product MoveIT which they were using to support this work,” a spokesman said. “This attack was criminal in nature and international in scale.”
He said HSE teams together with EY have worked closely over the last number of hours to determine the impact on its data.
Fontaines DC’s Grian Chatten: ‘Romance took a lot out of us. It was like a bomb went off, and then that silence’
A day in the Bere Island school where teachers commute by ferry and classes take place on the beach
Nicky English: The rules that hurling could, and should, steal from football immediately
Summer strawberries: Two desserts that celebrate the defining fruit of the season
“This analysis has determined that is it likely that information relating to no more than 20 individuals involved in recruitment processes was accessed. The data on these recruitment panels is comprised of names, addresses, mobile number, place on the panel and more general information on the posts being recruited.
“Importantly no other personal identification data or financial data is included.”
“The HSE is in contact with relevant authorities and is informing the Data Protection Commission. Contact will be made shortly with those individuals whose data was accessed.”
In 2021, the personal data of 100,000 people was accessed in a cyberattack in the HSE’s IT systems. The cyberattack led to months-long disruption across the health services and has cost the HSE €90 million so far to remedy. Up to 100 people whose data was accessed are suing for damages.