NHS Dumfries and Galloway Confirms Data Breach by Ransomware Group
NHS Dumfries and Galloway has announced that data concerning a small number of patients has been leaked by a known ransomware group following a cyber attack on its IT systems on 15 March. According to reports, the group Inc Ransom claimed to have obtained three terabytes of data from NHS Scotland, including sensitive patient and staff information.
The released “proof pack” allegedly contains a variety of confidential documents, such as medical reports, letters discussing patient treatments, and psychological assessments. Personal details like names and addresses are also said to be included in the leaked data.
NHS Dumfries and Galloway chief executive Jeff Ace expressed strong condemnation for the breach, stating that efforts are underway to mitigate any potential harms to affected individuals. The board is collaborating with law enforcement and cybersecurity agencies to address the situation.
Despite the breach, patient services are said to be operating normally, and steps are being taken to inform and support patients whose data has been compromised. The board initially reported a risk of data exposure during the cyber attack, a threat that has now been confirmed by the release of patient information by the ransomware group.