Donnelly: 'Positive' initial results on decryption key for HSE hack

"It came as a surprise," Mr Donnelly said of the encryption key being made available.

"We became aware yesterday afternoon that the key was being made available on a site which is linked to this criminal gang. The technical group obviously obtained that key, and are currently testing it.

"We need to be absolutely sure that this will help restore the health systems, rather than potentially cause further harm so work is ongoing.

"I think it's important to say that in parallel to that, the other work that continues, there's good progress being made."

As of late last night, some of the most important systems in some of the voluntary hospitals are back online, the minister said, including imaging software for radiology and patient administration systems.

Radiation oncology remained a problem, he said, as disruption continued across many hospitals following the cyberattack. While some machines were running, it was not at the level the HSE needed.

Mr Donnelly added that it was an “absolute priority” for the HSE to get machines back up and running.

The work being done to restore all the patient systems would make the systems themselves stronger and more robust in the short and medium term, he said.

"In the HSE, they have teams working on this literally around the clock to get these systems back up and running as quickly as possible," he added.

No ransom paid

Mr Donnelly said he understands the speculation that the ransom had been paid due to the availability of the key.

However, he "categorically" denied that Government "directly, indirectly, through any third party or in any other way" had paid the fee demanded.

"The main thing that people will want to hear, and be absolutely assured on, is that no ransom was paid directly or indirectly," Mr Donnelly said.

On Newstalk Breakfast Minister of State Ossian Smyth also emphasised that no ransom had been paid. “The Government 100% did not pay a ransom or get anyone indirectly to do so.” 

Mr Smyth said that getting the data back was like having your house burgled and then getting the contents back - in a skip. Tests still had to be carried out on the data to ensure it was safe. The Minister of State with responsibility for eGovernment, said he did not think anyone believed that providing the decryption tool was an act of goodwill. “All will come out in the wash.” 

It would have made absolutely no sense to pay money to the criminals, he added.

Patient information

Redacted patient information has already been put up on the dark web, sparking fears it could be sold to other gangs. Stephen Donnelly said he couldn't confirm whether the records are genuine but said it was "entirely possible".

"This sort of approach is quite standard procedure," he added.

The threat to dump patients’ data was being taken very seriously and it was entirely possible that this could still happen. If anyone was contacted about their data they should contact the helpline 1 800 666 111 immediately, he urged.

The injunction secured in the High Court on Thursday was a standard approach in such circumstances, he said, and was taken to obstruct anyone attempting to share information that appeared on the dark web. It was relevant to anyone who would consider sharing that information.

“Unfortunately there are some people who think these things are funny,” he said. “We are taking this thing very seriously which is why we went to the High Court.”