NHS Dumfries and Galloway of Scotland has issued a stark warning to residents to assume that some of their personal data may have been compromised following a significant cyber-attack.
The health board is taking the situation very seriously, with plans to distribute leaflets from the chief executive to describe the breach as "extremely serious", reported BBC.
In February, a ransomware group targeted the health board, and after their demands were not met, they published stolen files online.
The health board is now planning to contact patients deemed 'high risk' individually and is asking everyone to be vigilant against any attempts to access their computer systems.
It was confirmed in May that the cyber-criminals had released some children's mental health data.
With a population exceeding 100,000, Dumfries and Galloway now fear that the number of affected patients and staff initially thought to be in the hundreds or thousands, is much greater.
The leaflets will advise residents to presume that some data about them has likely been copied and made public, including sensitive information such as X-rays, test results, and correspondence between healthcare professionals.
The health board's primary concern is for the safety of vulnerable groups, who may be at increased risk if criminals possess their information.
NHS Dumfries and Galloway has consistently urged the public to be alert for any attempts to access their work and personal data or for approaches by anyone claiming to have their personal or NHS data, whether via email, telephone, social media, or other means.
In all instances, individuals are advised to record details of the approach and contact Police Scotland online.
South Scotland MSP Colin Smyth has echoed the call for vigilance. "It is clear that the scale of the leak and the number of people affected is significantly higher than was first envisaged," he stated. Despite extensive efforts by the NHS to sift through millions of items, the precise details of the leaked data remain uncertain. Smyth noted that, fortunately, there has been no reported misuse of the data thus far.
Meanwhile, NHS England is facing disruption to medical services due to the ransomware attack on Synnovis, a provider of lab services for several NHS entities in southeast London, on 3 June. Over 1,500 operations and appointments have been cancelled.
NHS England revealed that King’s College Hospital and Guy’s and St Thomas’ were among the most affected, with a substantial number of procedures and consultations postponed.
The attack on Synnovis has prompted a coordinated response from NHS England - London, regional providers, and national partners to manage the fallout. Synnovis is currently focusing on technical recovery, with plans to gradually restore IT system functionality in the upcoming weeks.
