Patient Data Swiped in NHS Dumfries and Galloway Cyber Attack

NHS Dumfries and Galloway has been hit by a “focused and ongoing cyber attack” that has potentially exposed patient data that was stored in its systems. 

The Scottish Health Board said in a statement on Friday it is working with Police Scotland, the National Cyber Security Centre, and the Scottish government to investigate the extent of the incident. 

A spokesperson warned hackers could have been able to "acquire a significant quantity of data" and has advised there may be some disruption to services as a result of the incident.

They called the incident “a very serious matter,” warning both patients and medical employees to be on the lookout for malicious activity on their personal systems.”

"We are encouraging everyone, staff and public, to be on their guard for any attempt to access their systems or approaches from anyone claiming to have data relating to them,” NHS Dumfries and Galloway said. 

"In any of these situations, contact Police Scotland immediately by phoning 101."

Hackers Target Healthcare 

The cyber attack on NHS Dumfries and Galloway is just one of the latest targeted attacks on healthcare institutions in recent weeks. 

Last month, the US healthcare insurance provider Change Healthcare was also hit by an attack, impacting over 100 services including dental, pharmacy, medical records, clinical, patient engagement, revenue, and payment services in pharmacies across the country. 

The attack also comes less than two years after the major 2022 LockBit attack on the NHS, which saw doctors and medical staff being forced to keep patient records on scraps of paper due to the disruptions it caused. 

“NHS Dumfries and Galloway is unfortunately the latest to join the healthcare cyber victim club,” Darren Williams, CEO and Founder of Blackfog, told EM360Tech. 

“The healthcare sector in general faces a high risk of cyberattacks, and with sensitive patient information to protect and vital services to deliver, any disruptions can have massive consequences.”

“A lack of investment in the latest cybersecurity tools to prevent data theft and extortion, coupled with the desirability of patient data makes the healthcare sector an attractive and lucrative target for cybercriminals who want to make money or create havoc in enemy states.” 

'Significant data breach' possible

While the exact nature of the cyber attack remains under investigation, officials have confirmed that the incident may have led to a significant breach of data. 

The specific data compromised is yet to be determined, but NHS Dumfries and Galloway stores huge amounts of patient medical information, meaning that sensitive data may have been exposed.

The cyber attack has already had a tangible impact on NHSDG's operations. The health board has warned of "potential disruption to services" as they work to contain the breach and restore their systems.

This could lead to appointment cancellations, delays in treatment, and hindered access to medical records.

NHS Dumfries and Galloway serves a population of roughly 150,000, raising fears that a large number of individuals could be affected. 

“The cyberattack on NHS Dumfries and Galloway yet again shows the healthcare sector’s vulnerability to cyberattacks and the necessity to have effective response plans in place to limit operational downtime," said Trevor Dearing, Director of Critical Infrastructure at Illumio. 

"Once an attacker has infiltrated an organisation, they will try to move to the highest value assets. This could be patient data, such as in the case of Dumfries and Galloway, or medical devices. It is important to identify which systems can communicate and then use this knowledge to identify and quantify the risks faced by any asset or application."

"One of the best security models for improving cyber resilience is Zero Trust because it is based on the mantra of “never trust, always verify”.  Healthcare organisations must realise that an attack is inevitable and mitigate risk accordingly," Dearing added.