Gardaí launch probe after earlier cyberattack on HSE left 1,000 users exposed
The incident took place one month before the large-scale cyberattack on the health authority’s ICT systems in May. The HSE has refused to say whether the two hacking incidents could be related.
Gardaí have launched a criminal investigation into the hacking of a Health Service Executive (HSE) contractor that resulted in the contact details of more than 1,000 service users being compromised.
The incident took place one month before the large-scale cyberattack on the health authority's ICT systems, which was in May. The HSE has refused to say whether the two hacking incidents could be related.
The contractor was hacked on April 15 and the perpetrators are believed to have accessed the contact details of 1,119 service users. The HSE is working with An Garda Síochána and the Data Protection Commissioner in relation to the breach.
On May 14, the HSE became aware of a ransomware cyber-attack and was forced to shut down all of its ICT systems.
The organisation's CEO, Paul Reid, has estimated that the cost of that hack could amount to €500m.
Almost five months later, the HSE is still working to restore some of its computer systems.
"Acute services are almost fully restored, along with community and corporate," said a spokeswoman.
"Restoration is both a technical and operational challenge and needs to be undertaken in a systemic and safe way. All of our corporate systems are restored, with some remediation work outstanding on corporate reporting systems."
Meanwhile, the restoration of HSE staff email is being treated as a "key service priority", but is taking place on a "phased, controlled basis".
Asked whether the ransomware attack on May 14 could be connected to the hacking incident on a HSE service provider the previous month, the spokeswoman declined to comment, as the matter is the subject of a criminal investigation.
An Garda Síochána had yet to comment at the time of writing.
Earlier this week, the head of the Garda National Cyber Crime Bureau confirmed that the servers of the gang behind the sophisticated ransomware attack had recently been seized by gardaí.
Detective Chief Superintendent Paul Cleary said that the bureau had launched a disruption take-down operation in the past two weeks, seizing the technical infrastructure of the gang.
"We effectively took their servers, the mains and websites, and we put up our own alerts-splashed screen with the Garda insignia, basically warning any potential new victims that they should check their networks, that they may be compromised," he said.
"We know that 753 potential unsuspecting new victims would have seen our alert screen and subsequently prevented a further ransomware attack, so it was successful and we have more of those type of crime-prevention and disruption operations planned into the future."
CONNECT WITH US TODAY
Be the first to know the latest news and updates
