Limerick patients to be notified of information stolen in HSE cyberattack

LIMERICK patients who had their data stolen in the HSE cyberattack in 2021 can expect to be notified in the coming days.

More than 32,000 notification letters have been issued to people who were directly affected by the breach, with a further 100,000 notifications due to be issued by April.

In response to a query from the Limerick Post on the exact number of people affected in Limerick, a HSE spokesman said they “did not have a county by county breakdown” but expect that everyone affected will have been notified by April.

“The cyber-attack was stopped once we became aware of it, and the HSE worked with a range of State agencies to respond to it,” the spokesman said.

He added that no ransom was paid by the State or the HSE in connection with the 2021 cyberattack, however an external cybersecurity firm was engaged in the response.

Sign up for the weekly Limerick Post newsletter

“Specialist security partners of the HSE have been monitoring the internet, including the dark web, since the cyberattack and have seen no evidence that the illegally accessed and copied data has been published online (other than a small amount of data which was referred to in an article in May 2021 by the Financial Times and subsequently removed from the web) or used for any criminal purposes.

“Our cybersecurity experts are continuing to monitor the internet and the dark web for illegally accessed information and the HSE will act immediately if they see any evidence of this.

The spokesperson said that the HSE have “further strengthened” IT and cybersecurity infrastructure since the attack and are working with “international and national cybersecurity experts to protect against future attacks”.