A ransomware group has published a “proof pack” amid threats it has a huge cache of data stolen from a Scottish health board in a cyber attack.
NHS Dumfries and Galloway was targeted earlier this month and confirmed hackers were able to access a “significant quantity of data”, including patient and staff-identifiable information.
Reports emerged on Wednesday that a group calling itself INC Ransom had posted on its dark web blog that it was in possession of three terabytes of data from NHS Scotland.
The post included a “proof pack” of some of the data, including confidential information on a small number of patients, which has been confirmed by the health board to be genuine.
Jeff Ace, chief executive of NHS Dumfries and Galloway, said: “We absolutely deplore the release of confidential patient data as part of this criminal act.
“This information has been released by hackers to evidence that this is in their possession.”
The health board is continuing to work with Police Scotland, the National Cyber Security Centre, the Scottish government, and other agencies in response to the “developing situation”.
China cyber attacks a reminder Beijing poses ‘constant and sophisticated’ threat to western cybersecurity
Arion Kurtaj: Teenager sentenced over Grand Theft Auto VI hack
Prince Harry, phone hacking and the executives who knew
Keep up with all the latest news from the UK and around the world by following Sky News
Mr Ace added: “As part of this response, we will be making contact with any patients whose data has been leaked at this point, and continue working to limit any sharing of this information.
“NHS Dumfries and Galloway is very acutely aware of the potential impact of this development on the patients whose data has been published, and the general anxiety which might result within our patient population.”
Read more from Sky News:
Woman, 70, ‘scared to leave her house’ after sexual assault
Family in shock over death of teenager who died in e-bike crash
Be the first to get Breaking News
Install the Sky News app for free
Patient-facing services will continue as normal.
The health board has set up a dedicated webpage in regards to the attack.
