The NHS Dumfries and Galloway health board continues to work on recovery after last week being hit with a targeted cyberattack which is believed to have breached individuals’ personal data

Scottish government health secretary Neil Gray has said the recent cyberattack on NHS Dumfries and Galloway highlights the need for “continued investment” in the IT security capability of the public sector.

A week ago, the Scottish health board revealed that it was “the target of a focused and ongoing cyberattack”. The incident caused some disruption to services and resulted in “a risk that hackers have been able to acquire a significant quantity of data” – including personal information on patients and staff, according to NHSDG.

In an update published on Tuesday, the board said that its services were now “generally running as normal” once again.

NHDSG chief executive Jeff Ace said that a criminal investigation into the matter is ongoing, and that “there is reason to believe that those responsible may have acquired patient- and staff-specific data”.

Related content

• Capita admits possible compromise of customer data during cyberattack
• Hebridean council works on data recovery following cyberattack
• Cyber Security Week: Analysis – how and where are attackers getting in?

“The NHS Board views patient and staff confidentiality as a key priority, along with ensuring welfare and wellbeing,” he added. “As such, very great effort is being made to address this situation, and to try to prevent it from being repeated. We will look to update as and when we can, but in the meantime would again caution staff and patients to be on their guard for anyone accessing their systems, or anyone making contact with them claiming to be in possession of any information. Any such incidents should be reported immediately to Police Scotland on 101.”

Speaking this week in the Scottish Parliament in answer to a question from Labour MSP Colin Smyth, health secretary Gray said the government would continue to “monitor and keep under review” the implications of the attack to ensure that the cyber resilience strategy continued to be “as strong as possible”.

He assured MSPs that the board had responded “swiftly” and “in line with established protocol”, yet said the incident had resulted in some staff having to change working practices in the short term.

He added that a multi-agency approach was underway to tackle the incident, other boards were providing technical support to Dumfries and Galloway and, officials had already started a “lesson identified exercise” which will be shared at “a suitable time”.