People who were affected by the 2021 cyber attack on the Health Service Executive have yet to be informed.
Cyber security experts from the HSE have been monitoring the internet for the data, and say they will act “immediately” if they find any evidence it is being used.
The HSE has yet to inform those affected by last year’s cyber attack that their data may have been compromised, but plan to do so “as soon as possible”.
Read more: Dad-of-seven stabbed to death at Kerry funeral issued video pleading for no violence
The major ransomware attack took place in May 2021, causing major disruption to the system and appointments.
Information held by the HSE on their computer systems was illegally accessed and copied by cyber criminals. Gardai were provided with details of the incident in December 2021, the HSE said.
The health body has said that the process of reviewing the compromised data and the affected individuals is taking time.
A statement to the Irish Mirror said: “The HSE has been reviewing the data that was illegally accessed and copied to allow us to notify individuals as required and is in the process of verifying the identity of the relevant individuals for notification purposes.
“This is taking time due to the volume of data impacted and the importance of ensuring we are notifying the correct people. This process is well advanced and we anticipate being in a position to notify relevant data subjects as soon as possible.”
In cases where there is an obligation to notify people under the General Data Protection Regulation (GDPR), the HSE said they will contact them directly.
They have also been closely monitoring the internet and dark web for stolen data. Thus far, they have seen no evidence that it has been posted online or used for criminal purposes. This is apart from a small amount of data that has been removed following an article by the Financial Times that referred to it.
The statement said: “The HSE is taking every step necessary to minimise the impact of this data breach and to safeguard individuals' personal data against any potential future unauthorised activity.
“It should be noted the HSE has been monitoring the internet including the dark web since the cyber-attack and has seen no evidence at this point that the illegally accessed and copied data has been published online or used for any criminal purposes (other than a small amount of data which was referred to in an article in May 2021 by the Financial Times and subsequently removed).
“Our cyber security experts are continuing to monitor the internet and the dark web for illegally accessed information. They are looking for any signs of it being published or used and we will act immediately if they see any evidence of this."
The HSE has advised people to be wary of suspicious calls, emails or texts and to avoid clicking on any links that may be sent to them. Do not give financial information to personal information out, unless it is to a “trusted and legitimate source”, they suggest.
“The HSE or your bank will never phone, text, email or video call you unexpectedly asking for your bank details. Never give your bank details, passwords or personal details if it seems a bit odd or out of the blue.
"If you believe you are a victim of a cyber-crime, please take screenshots of texts and emails and contact your local Garda station,” the HSE said.
READ NEXT:
Ireland weather: Met Eireann forecast weather 'chaos' as 'thundery bursts' hurl through the country
Man arrested over Kerry funeral stabbing as gardaí piece together details of horror killing
Why you shouldn't turn your broadband on and off to save on electricity bills amid warning
Lucky escape for TD as thugs run at him and 'reach for weapon' during terrifying ordeal in Dublin
Get breaking news to your inbox by signing up to our newsletter