Gardaí urge victims to report cybercrime but cannot confirm link to HSE hack

Claims circulating online that people are receiving phone calls citing personal details

Paul Reid, chief executive of the HSE, has said online criminals are ‘leveraging off the fear of people, of their data potentially being out there'.  File photograph: Crispin Rodwell
Paul Reid, chief executive of the HSE, has said online criminals are ‘leveraging off the fear of people, of their data potentially being out there'. File photograph: Crispin Rodwell

Gardaí have urged anyone who believes they are the victim of cyber-related crime to report the matter but said they could not confirm “with full certainty” that a spate of recent alleged frauds were linked to the HSE hack.

In recent days, claims have been circulated on social media and WhatsApp that due to the recent ransomware attack “people are receiving phone calls from a Dublin number pretending to be the HSE – with people’s personal details including date of birth, PPS number and dates of past hospital admissions”.

“They are asking for bank details to ‘refund the person due to the overcharging’. This is a scam do not engage,” says one of the messages being circulated.

The HSE said it “cannot confirm these reports” on Friday but said the public should “remain alert”.It said anyone who becomes suspicious about their personal data being compromised should immediately contact the gardaí.

READ MORE

“All of our work and efforts are going into assessing and protecting the data we have on our servers,” a spokeswoman for the HSE said.

In a statement on Friday, the Garda said its National Cyber Crime Bureau is continuing its criminal investigation into the cyberattack.

"An Garda Síochána encourages people who have reason to suspect they are victims of cyber-related crime, particularly the recent criminal cyberattack of the HSE, to make a report at their local Garda station.

“It has not been confirmed with full certainty that personal records or data reported to have been circulated are in fact genuine, even though this is probable and would be a feature of these attacks.

“In general, our crime prevention advice has been, and remains, if you are contacted by persons stating that they have your personal details and/or looking for bank account details you should not engage or provide any personal information.”

Data breaches

It added: “An Garda Síochána is encouraging people to report suspected breaches of personal data, which will be examined by specialist investigators. Such reports will be handled in a sensitive manner.”

Paul Reid, chief executive of the HSE, said at a briefing on Thursday: "At this point in time there is no doubt that other criminal organisations or other fraudsters are using this as an opportunity, both here within Ireland and I've no doubt internationally, to try to attempt to fraud people... Don't give any confidential information that you have."

Mr Reid said people were “leveraging this opportunity” to contact the public and extract some further information. Online criminals are “leveraging off the fear of people, of their data potentially being out there”, he said.

Sarah Burns

Sarah Burns

Sarah Burns is a reporter for The Irish Times