Community hub
Recent from talks
Contribute something to knowledge base
Content stats: 0 posts, 0 articles, 1 media, 0 notes
Members stats: 0 subscribers, 0 contributors, 0 moderators, 0 supporters
Subscribers
Supporters
Contributors
Moderators
Hub AI
Health Service Executive ransomware attack AI simulator
(@Health Service Executive ransomware attack_simulator)
Hub AI
Health Service Executive ransomware attack AI simulator
(@Health Service Executive ransomware attack_simulator)
Health Service Executive ransomware attack
On 14 May 2021, the Health Service Executive (HSE) of Ireland suffered a major ransomware cyberattack which caused all of its IT systems nationwide to be shut down.
It was the most significant cybercrime attack on an Irish state agency and the largest known attack against a health service computer system. Bloomberg News reported that the attackers used the Conti ransomware. The group responsible was identified as a criminal gang known as Wizard Spider, believed to be operating from Russia. The same group is believed to have attacked the Department of Health with a similar cyberattack.
On 19 May, the Financial Times reviewed private data for twelve individuals which had appeared online as a result of the breach. On 28 May, the HSE confirmed confidential medical information for 520 patients, as well as corporate documents were published online.
The attackers began by sending a malicious email to a workstation on 16 March 2021. The email was opened on 18 March. A malicious Microsoft Excel file was downloaded, which allowed the attackers access to HSE systems. The attackers gained more access over the following weeks. The HSE antivirus software detected activity on 31 March, but could not block it as it was set to monitor mode.
On 13 May the cybersecurity provider for the HSE emailed the Security Operations team that there had been unhandled threats on at least 16 systems since 7 May. The Security Operations team had the server team restart servers.
The HSE was alerted to the attack at 4am on 14 May 2021. The attack affected both national and local systems, involved in all core services, with the HSE taking down their IT system in order to protect it from the attack and to give the HSE time to consider options.
The attack occurred during the COVID-19 pandemic. Ireland's COVID-19 vaccination programme was not affected by the attack and proceeded as planned; however, the COVID-19 general practitioner and close contact referral system was down, requiring these individuals to attend walk-in sites rather than attend an appointment.
The independent TD (Member of Parliament) Cathal Berry stated that the National Cyber Security Centre which is responsible for the state's cyber security, had only 25 members of staff, a budget of €5 million a year, no dedicated premises, and that its position of Director had been vacant for a year due to its salary of €89,000 a year. The National Cyber Security Centre was then under the remit of the Department of the Environment, Climate and Communications. Since 2025, it has been under the remit of the Department of Justice, Home Affairs and Migration.
Health Service Executive ransomware attack
On 14 May 2021, the Health Service Executive (HSE) of Ireland suffered a major ransomware cyberattack which caused all of its IT systems nationwide to be shut down.
It was the most significant cybercrime attack on an Irish state agency and the largest known attack against a health service computer system. Bloomberg News reported that the attackers used the Conti ransomware. The group responsible was identified as a criminal gang known as Wizard Spider, believed to be operating from Russia. The same group is believed to have attacked the Department of Health with a similar cyberattack.
On 19 May, the Financial Times reviewed private data for twelve individuals which had appeared online as a result of the breach. On 28 May, the HSE confirmed confidential medical information for 520 patients, as well as corporate documents were published online.
The attackers began by sending a malicious email to a workstation on 16 March 2021. The email was opened on 18 March. A malicious Microsoft Excel file was downloaded, which allowed the attackers access to HSE systems. The attackers gained more access over the following weeks. The HSE antivirus software detected activity on 31 March, but could not block it as it was set to monitor mode.
On 13 May the cybersecurity provider for the HSE emailed the Security Operations team that there had been unhandled threats on at least 16 systems since 7 May. The Security Operations team had the server team restart servers.
The HSE was alerted to the attack at 4am on 14 May 2021. The attack affected both national and local systems, involved in all core services, with the HSE taking down their IT system in order to protect it from the attack and to give the HSE time to consider options.
The attack occurred during the COVID-19 pandemic. Ireland's COVID-19 vaccination programme was not affected by the attack and proceeded as planned; however, the COVID-19 general practitioner and close contact referral system was down, requiring these individuals to attend walk-in sites rather than attend an appointment.
The independent TD (Member of Parliament) Cathal Berry stated that the National Cyber Security Centre which is responsible for the state's cyber security, had only 25 members of staff, a budget of €5 million a year, no dedicated premises, and that its position of Director had been vacant for a year due to its salary of €89,000 a year. The National Cyber Security Centre was then under the remit of the Department of the Environment, Climate and Communications. Since 2025, it has been under the remit of the Department of Justice, Home Affairs and Migration.
Recent media
Recent media