Sign in. It’s quick, free and it’s up to you.
An account is an optional way to support the work we do. Find out more.
THE HSE HAVE said it may take up to four months to contact all thepeople who had data stolen in the cyber attack on the health service earlier this year.
The data was recovered by the Garda National Cyber Crime Bureau, who received it from the US Department of Justice through a Mutal Legal Assistance Treaty. It was provided to the HSE last Friday, 17 December.
It comes as the HSE released a report on the cyber attack earlier this month, which details how the hackers were in the health service’s computer systems for eight weeks prior to detonating the attack.
In a statement this afternoon, the HSE has confirmed that the recovered data was taken from its computer systems.
However, the HSE has said that they have been monitoring the internet, including the dark web, since the cyber attack and have seen no evidence that any of the data was published online or used for criminal purposes.
“We will continue to work with our technical experts and An Garda Síochána and have seen no evidence of inappropriate use of stolen or copied data,” said a spokesperson for the HSE.
The health service has also said that it has begun the process of identifying any individuals who had data stolen, and that it may take between three and four months to identify and contact people who are impacted.
The Data Protection Commission (DPC) has also been updated by the HSE on the stolen data.
“The HSE is reviewing this material to identify any individuals whose personal data was stolen and will notify the relevant data controller as required and affected individuals as required following engagement with the DPC,” said a spokesperson for the HSE.
This could take 12-16 weeks due to the volume of this data. We are at a very early stage of assessing the data received on 17th December 2021 and don’t yet know the numbers of individuals impacted.
According to the HSE, they expect that the data will be a mix of personal data, medical information, HSE corporate information, commercial data and general personal administrative data.
Personal data would include names, addresses, phone numbers and email addresses, while medical information includes past medical records, notes and treatment histories.
“Where we identify personal information belonging to any individual compromised in this dataset we will take appropriate action at that point following engagement with the DPC. You do not need to do anything or contact the HSE,” said a HSE spokesperson.
A High Court order remains in place to prevent the publishing of any data stolen from the HSE during the cyber attack, with the health service saying that they will enforce this order and take action where necessary if the order is breached.
In the report, issued earlier this month, also details how the HSE were unprepared for a cyber attack due to the weakness of their IT system and a lack of cybersecurity detection and monitoring.
The attack itself has is set to cost the HSE €100 million, with half of that cost being incurred in 2021, while the remaining half being a recurring fee into 2022.
To embed this post, copy the code below on your site
Best description I have read when trying to explain cloud, particularly to non techie senior managers is a very simple one liner.
‘Storing your information on someone else’s computer’
Cloud is a window for the NSA.
Frank, does that mean they have access to all data ?
Noone knows for sure but we have good reason to suspect they do.
Sometimes Frank, among all the crazy talk, you do hit the nail on the head.
Security experts also suspect they have a backdoor to break AES encryption.
More than likely they have a back door to your PC and Smart phone irrespective and without a warrant also any email / internet transaction through a US based server can be spied on by the NSA.. Here’s the timeline for domestic Spying…
It is prudent to assume that EVERYTHING is compromised.
I said AES in my last comment. I meant DES.
check out arxshare, this will be difficult for the NSA ;)
What about Mega.co.nz? You get 50gb free & it uses end to end encryption.
Mega is hardly reliable though is it?
Could go down tomorrow for all we know
Data Protection hate the cloud. You have no guarantee as to where your data is stored and no idea of who has physical access. If you hold any sort of confidential data, do NOT use a public cloud. If it’s only your own photos, music and documents, then go for it.
NAS (Network Attached Storage) is a far cheaper per gb ,and safer alternative.
Basically a hard drive connected to your router so it can be accessed online from anywhere. Should be the next big thing in the consumer tech market
It’s cheaper per gb at first glance only.
When you consider quality and reliability of that access – then it’s not that instant winner anymore.
And security wise – many would argue here. If setup wrongly, nas drive may be childishly easy to break into, while professional cloud services mentioned in the article, while still exposed to some breach have the basics definitely better covered – allow less user error.
Of course if you buy crap you get crap but for relatively low investment you can get great quality.
Reliability again is down to your in segment in broadband – invest well get reliability.
Security-wise I’d rather have my data sitting in a hard drive beside my router rather than in a data centre I have no control of – not who handles my drive.
NAS drive:
- uses your household electricity (I know small, but…), cloud not
- is dependable on your Internet connection, cloud is hosted on mesh of super fast links and basically always ON
- is not great for sharing, cloud is (imagine 10 co-workers downloading large graphics files from your NAS)
- is not providing any data redundancy (if your NAS fails your data is gone – unless you have another solution setup for it), cloud is fully redundant
- cannot easily scale, cloud scale very easily if your demands grow
Security? There is no such thing as privacy in the Internet, connecting own NAS disk does not change anything here. You are still using online banking, Facebook, you are still sending emails with attached CV’s or payslips that are stored on email servers, you are still buying in the Internet… Everywhere you touch you leave trace. Therefore cloud is as secure as anything else to me :)
If your house floods or goes on fire your “cloud” storage hasn’t worked at all. Off site backup is key and NAS at home is a crap option unless your get some enjoyment from making things harder then they need to be.
Protip: for people who need large amounts of storage or are concerned about it being spied on, go onto dabs.ie.
Look up western digital my cloud.
1tb own personal cloud you can access anywhere, if I remember right it’s the bones of 100 quid.
Easy set up and no worries.
Also, it’s a physical thing you connect to your own network at home via Ethernet cable, it’s not an online service.
If you’ve got a VPN as well, about as secure as possible.
It’s not a cloud. Its a server.
I’m aware it’s a NAS server but let’s try to keep it simple here.
1. Worry – what if you are burgled and they take the NAS?
Jamie, what kind of authentication and encryption are you using for that?
“Copy” is another cloud based storage app. 35GB’s of space.
Dropbox is the best by far.
I didn’t see any mention of the fact that providers use bots to read your data in order to direct advertising at you. I wouldn’t put anything in the cloud without first applying 128 bit AES encryption.
Dropbox is the best, and very easy to use with a nice interface
Just set your libraries to sync to OneDrive and forget it. It’s solid in all areas and the Office online apps are useful in a pinch.
Simplicity is key.
Logmein’s “Cubby” is brilliant if you need access to clients files. You can create a directory for each client and lock it down with a unique password. It can be setup so each client can only see they’re directory. You get 5gb free, plus it has an app for iOS & Android. I’m paying €45 a year for 1tb of data. Also, If you accidentally delete files, you can recover them anytime and from anywhere. I tried a few cloud systems and most had problems with security and access.
Flickr has an allowance of 1000 gb free.
“That said, each service offers encryption to make sure your data is safe but on the users’ end, the best thing to do is to create a strong password”
I very much disagree with this. Security and privacy must be the main argument for choosing a cloud storage solution, and although they all offer encryption, all mentioned services encrypt on the server, and therefore are not secure and see transport the user’s data in plain text.
There is a trend towards client-side encryption (or end-to-end encryption) and self-hosted clouds. Companies that want to secure their intellectual property should consider solutions like Owncloud or Arxshare http://www.arxshare.com.
wuala.com
- As best I recall, all servers are in Europe.
- Uses ‘Client side’ encryption.
- Can sync easy with your chosen PC folders.
- Mobile apps.
- Only 5gb free.
have your say