NHS Dumfries and Galloway are collaborating with the National Cyber Security Centre (NCSC) following a data breach that resulted in the publication of approximately three terabytes of stolen patient data on the dark web by a ransomware group. The health board issued an update on its website on 6 May 2024, confirming that the ransomware group Inc Ransom had indeed followed through with their threats.
Inc Ransom had initially announced a “focused and ongoing” cyber attack on 5 March 2024, and on 27 March 2024, data pertaining to a small number of patients was released. Julie White, chief executive of NHS Dumfries and Galloway, condemned the criminal act and stated that efforts were underway with partner agencies to assess the published data.
Despite accessing a large volume of data, the cyber criminals did not breach the primary records system for patients’ health information. The health board clarified that the released data consisted of fragmented pieces, including individual letters, test results, and x-rays.
Another statement released on 10 May 2024 revealed that significant work was required to identify affected individuals due to the complex nature of the data breach. The NCSC is actively involved in understanding the implications of the incident, while concerns about cybersecurity resilience and patient safety persist within the NHS.
The cyber attack is currently under criminal investigation and is considered a matter of specialist knowledge by authorities, as per NHS Dumfries and Galloway’s official website.
