Personal medical information stolen during last week’s cyber attack on the HSE has reportedly been shared online.
The Financial Times reports that the records posted online are internal health service files, including patient correspondence, minutes of meetings and equipment purchase details.
Newstalk Tech Correspondent Jess Kelly said the 27 files uploaded show personal records of 12 people.
“These include admission records, lab results and other personal, very sensitive data that we believe is stored within the 700 gigs of data taken by the hackers in this instance,” she said.
On Newstalk Breakfast this morning, the Communications Minister Eamon Ryan said the Government was “following international best practice and getting advice from a whole range of people” in response to the attack.
He said the Government expects the “critical return of patient care in the coming days and the next two weeks.”
“There may be other services over time – non-critical or non, kind of, immediate care services which will take longer,” he said.
“We have to use this as an opportunity to bring back better. To bring back an IT system within the health service which is more secure, which is more robust but also which builds on the incredible work they have done in the last yar by adapting to meet the COVID crisis by using online services.”
Transport Minister Eamon Ryan arriving at Government Buildings for this morning's Cabinet meeting, 23-03-2021. Image: Sasko Lazarov/RollingNewsMinister Ryan rejected claims the Government was not spending enough on cyber security – noting that the National Cyber Security Centre’s budget saw a “significant increase” in its budget last year.
He insisted the Government was spending around €400m a year on IT infrastructure across just four departments – Health, Agriculture, Revenue and Social Welfare.
The files online were offered by a group calling itself the ‘ContiLocker Team’ as proof it has access to confidential information.
The Financial Times reports that a chat between the group and an unnamed user included links to ‘samples’ of user data alongside passwords to access them.
Russian Ambassador to Ireland, Yury Filatov, at the Embassy of the Russian Federation in Dublin in 2018. Picture by: Sam Boal / RollingNews.ieThe ‘WizardSpider’ crime group behind the attack is believed to be based in Russia and on Newstalk Breakfast earlier this morning, the Russian Ambassador to Ireland said his country had offered to conduct a joint investigation.
Ambassador Yury Filatov said he has no way of judging who was behind the attack – but noted that Russia is targeted by hackers “on a daily basis.”
He said Russia has a “real interest in promoting international cooperation” on cybercrime and was offering to investigate the attack jointly.
On The Pat Kenny Show Financial Times journalist Laura Noonan revealed the contents of the HSE files posted online.
The attack was a ransomware attack - which involves hackers gaining access to an entity's data and threatening to publish it or encrypt it unless a 'ransom' is paid.
On last week’s Tech Talk, Newstalk technology correspondent Jess Kelly sat down with Ronan Murphy of SmartTech247 to hear about the evolution of ransomware - and try to get an answer to the big question – to pay or not to pay?
Since the attack was announced in the early hours of last Friday morning, the Government has continually insisted that it won't be paying any ransom to those behind it.
You can listen back here:
