Patient data could be ‘abused’ after health service attack, warns Irish government
In the aftermath of a destructive ransomware attack against the Irish Health Service Executive (HSE), the Irish government has warned that sensitive medical information and other patient data may be leaked. Officials have condemned any public release by the attackers of stolen patient data, stating that the move would be contemptible. They have also urged anyone affected by the cyberattack to contact the HSE or the authorities. Officials warn that the data potentially stolen by the attackers could be used to launch other attacks such as phishing, or social engineering and that patients should remain aware of the heightened risk following the compromise.
The HSE has confirmed the ransomware variant to be the human-operated Conti. The HSE has been working alongside experts from the National Cyber Security Centre (NCSC) to mitigate the effects of the attack. According to the entities, a remote access tool called Cobalt Strike Beacon was discovered on HSE’s systems. It was likely used by the hackers to move within the computer networks before launching the attack. Conti operates through what is known as a double extortion attack, a technique in which hackers threaten to make stolen information publicly available if ransom demands are not met.