Teams working 'around the clock' to assess 80,000 HSE devices hit by cyberattack

Staff in the HSE and Department of Health have been left without access to their emails.

WED, 19 MAY, 2021 - 06:30
ELAINE LOUGHLIN, CIANAN BRENNAN

Specialists IT teams are working "around the clock" to assess 80,000 HSE devices that have been impacted by the cyberattack.

Health Minister Stephen Donnelly has detailed the significant impact the cyberattack continues to have on everything from radiotherapy services to dental care and audiology services. Staff in the HSE and Department of Health have also been left without access to their emails.

Mr Donnelly said it will take “several weeks” to get the entire system back online as experts go through computers and other devices “one by one”.

'Utterly contemptible'

He described the criminals behind the assault as "utterly contemptible".

Communications Minister Eamon Ryan told the Dáil that the hackers gained access to the HSE system long before the attack was noticed in the early hours of Friday last.

Mr Donnelly said experts are now assessing around 2,000 IT patient-facing systems, each supported by infrastructure and multiple servers and devices.

Meanwhile, it has emerged the cyberattack could see the HSE fined €1m for GDPR failings, the maximum penalty allowable under Irish law.

Under the GDPR Act, data controllers such as the HSE must encrypt and preserve personal data as confidential and be able "to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident”.

The Data Protection Commission will not officially make a decision on whether to initiate an inquiry into the HSE breach before next week at the earliest.

However, experts say an investigation is inevitable given the extent to which the HSE’s technology and systems have been compromised.