Vivienne Clarke
The director-general of the Health Service Executive, Paul Reid has said it would cost “tens of millions” to “fix” the network system impacted by last week’s cyber attack.
It comes as the HSE’s chief operating officer Anne O’Connor has said that it was not possible to guarantee that people’s private medical information would not be shared on the internet by those behind the attack.
The HSE was hit on Friday by a ransomware attack, while the Department of Health shut down its systems after finding a similar digital note to that which was found on the HSE's systems.
“What we have to do here is a very significant rebuild,” Mr Reid told RTÉ radio’s Morning Ireland.
Whatever was required to protect services and patients “to the greatest extent” would be done, he said.
Mr Reid also said that the ransomware attack on the HSE’s IT system was a “serious criminal act” on sick people that would continue to have serious consequences for the remainder of this week.
Containing the impact
Private hospitals will be used this week to access oncology services and some diagnostics, he said. This was continuing on from the work the private hospitals had been doing with the HSE on Covid, he added.
The HSE was working to contain the impact and teams had worked “around the clock” over the weekend to get patient and administration systems back up and running.
When asked if he knew what was the amount of the ransom being demanded, Mr Reid said that personally he did not know and he was leaving the issue in the hands of the security experts.
Ms O’Connor said that the attack compromised the whole system.
“This is a very serious attack, it has really compromised our whole system, we know data has been encrypted, but we don't know what data has been taken - we don't know what data, if any, is gone. We know some data has been compromised.
“IT teams are working to see what data has been impacted. Unfortunately we cannot give reassurance in terms of what data may or may not have been stolen,” she told Newstalk Breakfast.
She said they have alerted the Data Protection Commissioner that there may have been a potential breach, the nature of which they are still unsure about.