NHS Patients’ Private Medical Records Exposed Online: Cyber Attack on NHS Dumfries and Galloway

The private medical records of NHS patients have been compromised, with cyber criminals leaking sensitive information online. A hacking group known as INC Ransom stole a massive 3TB worth of data from NHS Dumfries and Galloway, equivalent to 43 million emails. The group demanded a ransom to keep the information private, but now thousands more records could be at risk of being published.

The Sunday Mail was able to access documents released by the hackers on the dark web, revealing personal details of six patients, including a disabled 10-year-old and an 81-year-old man. The leaked information includes patients’ names, dates of birth, unique numeric identifiers, home addresses, and even personal email addresses. Additionally, the documents contain intimate medical histories, test results, and private disclosures made to doctors.

NHS Dumfries and Galloway confirmed that the six affected patients have been notified, but the extent of the breach remains unclear. Experts warn that the stolen data could lead to identity fraud, phishing attacks, or blackmail. The Information Commissioner’s Office and Police Scotland are investigating the incident, while calls have been made for Health Secretary Neil Gray to address the breach and prevent similar attacks in the future.

The breach highlights the vulnerability of sensitive medical information and the potential risks patients face when their data is compromised. As the investigation continues, the focus remains on protecting patient privacy and preventing further breaches in the healthcare system.