Skip to main content

Warning notification:Warning

Unfortunately, you are using an outdated browser. Please, upgrade your browser to improve your experience with HSE. The list of supported browsers:

  1. Chrome
  2. Edge
  3. FireFox
  4. Opera
  5. Safari

HSE cyber-attack - staff information

We are writing to approximately 18,200 staff whose personal information was illegally accessed and copied during the cyber-attack.

It will take a number of months to write to everyone as we take the time to notify each person securely. We hope to write to all the people that need to be notified by April 2023.

Your letter will tell you what kind of information was accessed about you and how to request to see the exact documents accessed if you wish to do so.

The health service files that were illegally accessed and copied have been thoroughly examined and validated. They are wide-ranging and include a mixture of personal information, medical information, and internal health service files. They include documents such as HR forms submitted by staff in relation to leave and a limited amount of financial information, mainly relating to staff travel expenses.

We have started by notifying the first group of staff and service users this week. This includes approximately 850 of our own staff who are being notified that files mainly relating to HSE travel expense claims were illegally accessed and copied.

If you have any concerns about your bank account details, we advise you to contact your bank for advice and guidance.

Information and supports are available to you if you get a letter over the coming weeks telling you your personal data was accessed.

What you can do if you get a letter from us

No evidence your information used in scams or fraud

We have no evidence that any of the illegally accessed personal information has been used in scams or fraud.

A small amount of HSE information appeared on the 'dark web' immediately after the cyber-attack. This information has since been taken down. The dark web is a part of the internet you can only get to using special computer programs.

After over a year of investigation and careful online monitoring, we have no evidence that any other information has been published online.

Protect yourself from scams or attempted fraud

What the HSE is doing

We are doing all we can to make sure a cyber-attack like this does not happen again.

Since the incident we have:

  • strengthened our IT and cyber security
  • trained our staff about cyber security
  • worked with international and national cyber security experts to protect against future attacks

We continue to help the GardaĆ­ with their ongoing investigation.

Cyber security experts are continuing to monitor the internet and the dark web for illegally accessed information. They are looking for any signs of it being published or used.

If they find any evidence that the information is published or used online, we will act straight away. We will work with digital publishers, search engines and social media networks to ensure it is removed as soon as possible and is not shared.

Read more about what the HSE is doing in response to the attack

Staff support

All of the usual support services for staff are available at this time.

Your line manager and local HR or Employee Relations Department can provide support and discuss options with you.

The Employee Assistance Programme (EAP) is available to you at any time. The EAP is a free confidential counselling service for all HSE staff. It can support you with personal or work-related psychosocial issues affecting your job performance or home life. Call 0818 327 327 to speak to someone.