Health board apologises for cyber attack 'anxiety'
- Published
A health board has said it is "extremely sorry" for any anxiety which may have been caused by a major cyber attack on its systems.
NHS Dumfries and Galloway was subject to a "targeted and continuing incursion" over a month ago.
It said it was aware that a "very large amount" of patient and staff-identifiable data had been accessed.
It has been contacted by a small number of people with concerns about emails or approaches but none have been linked to the cyber attack.
The health board first became aware of the incident at the end of February prompting a response involving police and the National Cyber Security Centre.
The issue became public a month later.
NHS Dumfries and Galloway said there had been little impact on its services for the public.
It said in a statement: "No operations or appointments are identified as having been cancelled or postponed as a direct consequence of this cyber attack.
"The impact was primarily on staff, as our response required some changes to their ways of working and accessing systems."
It said systems had run effectively throughout the attack but "some limitations" were still in place in terms of staff logging in.
It added: "No data was deleted or altered.
"However, as we have noted, a very large amount of patient and staff-identifiable data was accessed."
NHS Dumfries and Galloway added that it knew there had been criticism of its release of information about the attack.
"We are aware of expectations around transparency, but would highlight once again that this remains a live and very serious criminal matter," it said.
It said a "robust response" had been mounted in order to avoid any repeat incident.
Related topics
- Published27 March