The Health Service Executive is bracing itself for the embarrassment of stolen patient data being released from today, as slow progress is made in restoring IT systems paralysed in a cyberattack 10 days ago.
Detailed plans to counter any leaking of confidential information have been drawn up with the Garda, Data Protection Commissioner and social media companies so that a High Court order preventing publication of data can be enforced as rapidly as possible.
Gardaí are preparing for an “avalanche” of fraud once the cybercriminals, who attacked the HSE, release the stolen data as they have promised to do this week. Aside from the gang seeking to sell on the data to other criminals, there are fears scammers with no connection to the cyberattack will attempt to take advantage of the situation.
The gang behind the cyberattack had given the Government until today to pay €16.4 million to stop it publishing, or selling, what it claims is 700 gigabytes of stolen data.
The Government had repeatedly insisted there will be no ransom. Security sources said on Sunday that this position has not changed and that there is no communication between the State and the hackers.
There is no certainty the gang will actually release data, and some speculation it may have come under political pressure to relent because a health service has been targeted.
However, Garda sources expect the gang will follow through on its threat, possibly by drip-feeding the release.
The Government appeared to accept the release of data is likely. In a statement, it said “there is, sadly, is a real risk of patients’ data being abused in this way”.
HSE chief executive Paul Reid admitted there is a "high risk" the criminals behind the attack will fulfil their threat to release patient details.
Good progress is being made in restoring IT systems in the health service, he added, with radiology systems returning over the weekend in two Dublin hospitals and cervical screening appointments restarting on Monday.
Minister for Communications Eamon Ryan urged anyone contacted by scammers using personal information they believe has been obtained as a result of the cyberattack to contact gardaí.