Hackers could publish HSE patient data online, but much of it is administrative

It will cost the State tens of millions of euro to fix the network system impacted by last weeks cyber attack on the HSE, director general Paul Reid has said.
What we have to do here is a very significant rebuild, Mr Reid told RTÉ radios Morning Ireland as the HSE continued to grapple with the attack.
The ransomware attack on the HSE on Friday morning caused major disruption as it required a shutdown of all IT systems and led to the cancellation of many out-patient appointments.
Efforts to restore the systems are ongoing, but it will likely be several days before services return to normal.
The hackers, thought to be an organised criminal gang based in another country, are expected to have accessed patient data and may now publish it online.
While there is not yet definitive evidence of patient information being compromised, with the HSE on Sunday saying it was still too early to determine if it had happened, Minister of State for Communications Ossian Smyth told The Irish Times: I expect it has [been accessed] and it wouldnt surprise me if it was published at some point in the future.
Mr Smyth stressed, however, the HSE did not centrally store significant amounts of clinical patient data, with much of the information held being administrative rather than related to procedures and conditions.
The HSEs Chief Operating Officer Anne OConnor has said that it was not possible to guarantee that peoples private medical information would not be shared on the internet by those behind the attack.
This is a very serious attack, it has really compromised our whole system..
We know some data has been compromised. IT teams are working to see what data has been impacted. Unfortunately we cannot give reassurance in terms of what data may or may not have been stolen, she told Newstalk Breakfast.
Ms OConnor explained that the main impact was on radiology and blood test results. We have no way of relaying those results to clinicians in the hospital – for example if someone in ED is looking for the results of a scan, we cant get those electronically, equally we cant get results out to GPs for blood tests because everything has to be manually transcribed – so every request for a test and every result has to be manually transcribed, weve had to bring staff back into the hospitals to basically work as runners between labs and radiology departments.
Mr Reid said the ransomware attack was a serious criminal act on sick people that would continue to have serious consequences for the remainder of this week.
Private hospitals will be used this week to access oncology services and some diagnostics, he said. This was continuing on from the work the private hospitals had been doing with the HSE on Covid, he added.
The HSE was working to contain the impact and teams had worked around the clock over the weekend to get patient and administration systems back up and running, Mr Reid said.
A ransom note purporting to come from the criminal gang was published in the US media at the weekend and threatens the release of detailed patient information unless a ransom of $20 million is paid.
US site Bleeping Computer says the note was obtained from a cybersecurity professional working on the attacks. It claims the attackers have been inside the HSE system for two weeks and encrypted a significant amount of data, including patient and banking details.
A series of attacks of this manner began about 18 months ago linked to a Russian gang known as Wizard Spider, which has also outsourced attacks to other criminal gangs in exchange for a share of the ransoms that are paid. Most of the activity has originated in Russia or eastern Europe and those origins are suspected for the Irish attack.