Cabinet to be briefed over fears patients’ data will be ‘abused’ by cybercriminals

Disruption caused by cyberattack likely to continue ‘well into this week’

Cybersecurity officials are monitoring the dark web for evidence of data from the HSE ransomware attack being dumped online. Photograph: iStock

Cybersecurity officials are monitoring the dark web for evidence of data from the HSE ransomware attack being dumped online. Photograph: iStock

Your Web Browser may be out of date. If you are using Internet Explorer 9, 10 or 11 our Audio player will not work properly.
For a better experience use Google Chrome, Firefox or Microsoft Edge.


The Cabinet will on Tuesday be briefed on the cyberattack that has severely impacted the health service amid fears in Government that patients’ private information will be “abused” by those responsible.

Cybersecurity officials are monitoring the dark web for evidence of data from the Health Service Executive ransomware attack being dumped online. It is believed cybercriminals harvested vast amounts of personal data during the attack last week and will likely publish it online or sell it unless they receive payment from the Government.

Irish officials reiterated on Monday that no ransom will be paid.

The Government has branded the cyberattacks on the health service as “despicable crimes” and insisted “no effort is being spared” to resume medical services and restore the HSE’s IT system.

It also said any public release of stolen patient data by the criminals behind the attack is “utterly contemptible” and there is “a risk that the medical and other data of patients will be abused”.

Anyone who is affected is being urged to contact the HSE and gardaí.

Taoiseach Micheál Martin on Monday met the other Coalition party leaders, Tánaiste Leo Varadkar and Green Party leader Eamon Ryan, as well as Minister for Health Stephen Donnelly, Minister for Justice Heather Humphreys and Minister of State for Communications Ossian Smyth to discuss the impact of the ransomware attack.

They were briefed by representatives from the National Cyber Security Centre (NCSC) and HSE chief executive Paul Reid. The full Cabinet will receive an update on the situation on Tuesday.

The disruption caused by the cyberattack is very likely to continue “well into this week” the HSE said. Work is continuing on assessing the impact of the cyberattack and beginning to restore IT systems. It said it expects no disruption to payroll services

“There are serious concerns about the implications for patient care arising from the very limited access to diagnostics, lab services and historical patient records,” the HSE said in an update.

Mr Reid earlier told RTÉ it will cost “tens of millions” of euro to “fix” the network system impacted by the cyberattack.

Garda and FBI

Ms Humphreys also met Garda Commissioner Drew Harris on Monday to discuss the attack, the response to which is being led by the National Cyber Security Centre with the support of the Garda.

Irish officials are liaising with the FBI, the UK’s National Crime Agency and Europol’s European Cybercrime Centre.

The group believed to have created the ransomware is sometimes known as Wizard Spider and is based in Russia. It has been known to license out its ransomware products in return for a share of any profits. Samples of the ransomware virus have been sent to the Europol Malware Analysis Centre for comparison to previous attacks.

The Russian embassy in Dublin has condemned the cyberattack and suggested Moscow is ready to look into the matter if approached by Irish authorities.

TDs and Senators will have an opportunity to quiz officials from the NCSC and Department of Communications on the cyberattack at a meeting that will take place behind closed doors. It had originally been expected the hearing would be in public. However, it is understood the department requested it be held in private due to the “sensitivity” of the situation.