A ransomware group has carried out its threat to NHS Dumfries and Galloway and released a “large volume” of patients’ data on the dark web.
A small amount of details were released in March as “proof” that the cyber criminals had accessed confidential information, with a warning that more would be published if a payment was not made to stop it.
The new chief executive of NHS Dumfries and Galloway health board, Julie White, called the release an “utterly abhorrent criminal act”.
She said work was now beginning to with other national agencies including the Scottish government, police and National Cyber Security Centre to assess what has been published.
“We should not be surprised at this outcome, as this is in line with the way these criminal groups operate,” Ms White said.
“NHS Dumfries and Galloway is conscious that this may cause increased anxiety and concern for patients and staff, with a telephone helpline sharing the information hosted at our website.
“Data accessed by the cyber criminals has now been published onto the dark web – which is not readily accessible to most people.
“Recognising that this is a live criminal matter, we continue to follow the very clear guidance being provided to us by national law enforcement agencies.”