Following a recent attack on NHS Dumfries and Galloway, the Scottish health board has confirmed that a criminal group has accessed large quantities of sensitive information – and already published some

A ransomware cybercrime gang has threatened to release three terabytes of stolen NHS Scotland data, including the personal information of patients and health-service workers.

INC Ransom said “the data will be published soon” in a message uploaded to its dark web blog. NHS Dumfries and Galloway (NHSDG) – which announced last week that it had suffered a cyber assault – confirmed yesterday that the breach had resulted in attackers being able to “access a significant amount of data including patient and staff-identifiable information”. The health board added that clinical data relating to “a small number of patients” has already been published as evidence that the gang held the information.

Publications to date include hospital reports and other clinical files, email conversations, and document scans, as well as patient names and addresses, among other details.

Related content

• Capita admits possible compromise of customer data during cyberattack
• Hebridean council works on data recovery following cyberattack
• Cyber Security Week: Analysis – how and where are attackers getting in?

NHSDG chief executive Jeff Ace said: “We absolutely deplore the release of confidential patient data as part of this criminal act. This information has been released by hackers to evidence that this is in their possession. We are continuing to work with Police Scotland, the National Cyber Security Centre, the Scottish Government, and other agencies in response to this developing situation. Patient-facing services continue to function effectively as normal.”

He added: “As part of [our] response, we will be making contact with any patients whose data has been leaked at this point, and continue working to limit any sharing of this information. NHS Dumfries and Galloway is very acutely aware of the potential impact of this development on the patients whose data has been published, and the general anxiety which might result within our patient population.”

A Police Scotland spokesperson confirmed that enquiries are ongoing, and the Information Commissioner’s Office said it was also investigating the incident.