The Ransomware Attack on the Irish Health Service Executive

Img source:

On May 14, 2024, a group of hackers targeted the Irish National Health Service Executive (HSE) in a ”catastrophic” cyber-attack. Two days later, on May 16th, another cyber-attack hit the Irish Department of Health, and it was forced to shut down its IT systems to investigate the attack and protect the patients’ data. 

Unfortunately, during the system outage and because computers were inaccessible, patients and health care workers had had to use paper documents. While the system was down, patients also experienced delays and cancellations. Outpatient appointments witnessed substantial cancellations. According to the Irish Department of Health, in some areas in Ireland, the percentage of appointments dropped by 80%. 

The Irish healthcare department had to shut down its systems for over a month. Finally, on June 30, the IT staff was able to restore all the encrypted and lost medical data. Unfortunately, despite their attempts to keep the data safe, the hackers had already leaked a considerable amount of information. 

Health Service Executive (HSE) chief executive Paul Reid said that there are 2,000 systems and more than 4,500 servers used by the health service in Ireland. The hackers attacked and breached the data of the patients that are registered on these servers.

Leaked data included names, addresses, phone numbers, email addresses, medical records, notes, and treatment histories. 

The Health Service Executive (HSE) wrote on its website that “a small amount of HSE data has appeared on the ‘dark web,’ a part of the internet which can only be accessed using special programs. Action is being taken to assist the people affected by this.” 

Stolen data can be used and abused in countless ways, one of which being identity theft. Scammers have always been trying to steal people’s personal information to make money out of it. 

Cyber-attackers steal the victim’s personal data to create “identity kits” on the dark web (also known as the darknet). These kits bring them a lot of money; for example, back in 2017, these records would sell for up to $1,000 online, and the price can change depending on the completeness and usefulness of the information that they contain. (Experian)

And now, four years later, cybercrime has multiplied and attackers have been making money off the backs of the people.

How Do Ransomware Attacks Happen?

Img source:

Ransomware attacks are as old as the internet. They’re not limited to a certain group of people; ransomware attacks happen to individuals, the health care sector, startups, big businesses, and even transport systems.  

One of the most recent big cyber-attacks is the Microsoft Exchange Server data breach that happened in March 2024. The attackers have targeted more than 250,000 servers belonging to universities, researchers, defense contractors, and law offices stealing and encrypting personal data and leaking some to the dark web. 

Attackers look for weaknesses in the targeted systems. And health systems dedicate only 4% to 7% of their budget toward cybersecurity (Medical Economics), making those systems easy prey for cyber-attacks.

Ransomware is a form of malware. In a ransomware attack, the attacker encrypts the data and files of the victim to ask for a ransom. Only if the victim pays the ransom, the attacker will give them the tool to decrypt the data.

Another possibility is that the attacker will hold the data “hostage” and threaten to leak it if the ransom isn’t paid. In the case of a health organization, leaking the data can pose a huge danger to the safety of the patients, which usually causes the victims to pay the ransom to decrease the losses.

Cybercrime in Health Care Organizations Statistics (2024)

Img source:
  • With the pandemic, most organizations had to start operating remotely. As for health organizations, patients and staff had to start using telehealth applications. This increase in the usage of online services caused a surge in the number of cyber-attacks.
  • 148 hospitals reported that the security alerts they received had gone up 30% for the period March-April 2024 alone. (Health Care Dive)
  • There had been 132 reported attacks on network servers, computers, emails, and electronic medical record systems only in the first half of 2024. (Medical Economics)
  • In 2024, healthcare data breaches totaled 599, up 55.1% from 2019. And they are only going up in 2024. The average cost of data breaches in health care systems has increased 10.5% from 2019 to 2024. The cost per breached record also rose by 16.3% to reach $499 in 2024 from $429 in 2019. (MedCityNews)
  • “Almost every month last year [2020] more than 1 million people were affected by data breaches at healthcare organizations,” said the Department of Health and Human Services. (Forbes)

How to Prevent Ransomware Attacks

Img source:

Now that ransomware attacks are on the rise, it is vital for health care systems to take precautions to protect their data. More money should be spent on precaution rather than on restoring data after an attack has happened.

Employers should always dedicate a part of the training they offer to the employees to educate them about cybercrime and how to avoid being hacked.  Workers should always be aware not to click on any links with unknown sources lest they have embedded malware. 

Another necessary step to take for protecting sensitive data is to choose strong, reliable antivirus software. 

An antivirus will constantly scan your device and system for any malware threats and notify you in case of detecting any. With its firewall, it will prevent any virus or malware from getting to and infecting your system.

This firewall also adds an intrusion detection system to prevent any potential intruder from using your private network.

To get an idea of what Antivirus is considered excellent and reliable, see the list of top Antivirus software of 2024, prepared by the cybersecurity experts at

Besides using an antivirus, health care organizations must always back up their data. If they always back up their data and store it on different servers, they wouldn’t need to pay a ransom to retrieve it.  

If health systems utilize antivirus software to protect their sensitive data, attackers will have a non-zero chance of hacking the systems.