NHS Dumfries and Galloway suffered a cyberattack, potentially compromising patient data. The health board is working with authorities. Learn more about the attack, its potential impact, and how to stay vigilant.
NHS Dumfries and Galloway, a health board serving the southwestern region of Scotland, announced on Friday, March 15, 2024, that it has been targeted by a “focused and ongoing cyber attack.”
The nature of the cyber attack remains undisclosed, but the health board has warned that a “significant quantity of data” belonging to patients and staff may have been compromised.
The health board has activated its established protocols in response to the attack and is working closely with partner agencies, including Police Scotland, the National Cyber Security Centre (NCSC), and the Scottish Government. Their primary focus is on containing the attack, investigating the scope of the breach, and mitigating any potential damage.
NHS Dumfries and Galloway has also acknowledged the possibility of service disruptions due to the ongoing incident. While the specific nature of these disruptions is yet to be determined, they could potentially impact patient appointments, access to online services, or internal administrative functions.
The most concerning aspect of the attack is the potential compromise of patient and staff data. The health board has not yet confirmed the exact type of data accessed, but it could potentially include sensitive information such as names, addresses, medical records, and National Insurance numbers.
NHS Dumfries and Galloway is urging both staff and patients to be vigilant for any suspicious activity. This includes emails or phone calls attempting to gain access to personal information or financial details. They advise individuals to never click on links or open attachments from unknown senders and to report any suspicious activity immediately.
For insights into the incident, we reached out to Richard Staynings, Chief Security Strategist for Cylera, a healthcare cybersecurity that secures 25 NHS Trusts in the UK, who warned of potentially devastating and additional cyber attacks including ransomware on the targeted NHS Dumfries and Galloway systems.
“Police Scotland and the NCSA will now be looking for malware or simple droppers that could be used to launch a more lucrative ransomware attack on NHS Dumfries and Galloway.”
Richard emphasised that while the attack is concerning and unfortunate, it may not pose an immediate threat to people’s lives. He further explained that for a cyberattack to directly endanger lives, it would typically need to compromise not only confidentiality (as in the case of potential data exposure) but also system availability or data integrity.
“It’s a cyberattack that’s unlikely to be a direct risk to life unless a systems availability attack or a data integrity attack accompanies this particular attack against confidentiality. Confidentiality, Integrity and Availability (CIA) are the three pillars of the Security Triad, he explained.” “All three are required for security. To date, most hospitals have focussed their limited security budgets on protection of confidentiality at the expense of integrity and availability and this is one reason why so many hospitals have been extorted by cyber criminals through ransomware attacks.”
Nevertheless, the attack on NHS Dumfries and Galloway goes on to show the growing threat of cyberattacks on healthcare institutions. With vast amounts of sensitive patient data stored electronically, healthcare providers are becoming increasingly attractive targets for cybercriminals.
The full impact of the attack on NHS Dumfries and Galloway is still unfolding. The health board has assured the public that they are taking all necessary steps to investigate the incident, secure their systems, and protect patient data. However, it is likely to take some time before the full extent of the damage is known.
In the meantime, patients of NHS Dumfries and Galloway are advised to stay informed by checking the health board’s website for updates. They should also be extra cautious with any unsolicited communication claiming to be from the NHS.