23 May 2021

The Government is aware of the risk that data stolen from the HSE may be abused by criminals and is taking measures to prevent that and to support anyone affected.

It is a common feature of these kinds of cyber-attacks that the perpetrators steal data. Work to identify the extent of any data taken from the HSE’s IT systems is ongoing as part of the process of repairing the systems.

The theft and disclosure of medical data would be a particularly despicable crime because it involves sensitive, personal information.  Any public release of this data would be illegal.

There is, sadly, is a real risk of patients’ data being abused in this way. The Government is grateful to mainstream media and online services for their support and we appeal to anyone who may comes across this data online not to share it but instead to report it using the tools provided by platforms.

The HSE has obtained a High Court injunction requiring anyone in possession of stolen data not to disclose or trade in it. The National Cyber Security Centre continues to engage with international counterparts and industry in responding to this attack.

An Garda Síochána are continuing in conjunction with national and international partners to pursue the investigation of this crime. The Government urges anyone who has reason to suspect they are victims of this cyber-attack to make a report at their local Garda Station or through the Garda Confidential line. The line is open 24 hours a day, seven days a week on 1800 666 111.

People are also advised to be cautious of criminals taking advantage of fears around the HSE attack by contacting them to attempt to obtain information or payments. Any such attempts should be reported to An Garda Síochána.