Update on NHS cyber attacks

Scottish Government resilience meeting to discuss on-going response.

First Minister Nicola Sturgeon has chaired a Scottish Government resilience (SGORR) meeting following confirmation that a number of health boards are affected by cyber attacks.

During the meeting the First Minister, Deputy First Minister John Swinney and Health Secretary Shona Robison were updated by officials from the National Cyber Security Centre, and the Scottish Government. It was confirmed that:

  • At the present time, twelve Scottish health boards have been affected by a Ransomware cyber-attack of the kind which has also affected health trusts in NHS England.
  • These boards are NHS Borders, NHS Dumfries and Galloway, NHS Fife, NHS Forth Valley, NHS Lanarkshire, NHS Greater Glasgow and Clyde, NHS Tayside, NHS Western Isles, NHS Highlands, NHS Grampian, NHS Ayrshire and Arran and Scottish Ambulance Service.
  • There is no evidence that patient data has been compromised.
  • Most incidents have been confined to desktop computers in GP surgeries, dental practices and other primary care centres.
  • The only acute hospital sites so far affected have been in NHS Lanarkshire. Steps have already been taken to close down affected systems and these hospitals continue to operate.
  • Patient services, including emergency service, are continuing to operate across Scotland.

The incident in the NHS is believed to be part of a wider international cyber-attack.

First Minister said:

“Earlier today a Ransomware cyber-attack of the kind which has impacted NHS England, was found to have affected twelve health boards across NHS Scotland. Immediate steps were taken to isolate the affected systems and to ascertain the exact nature of the malware being used.

“I have convened a Scottish Government resilience meeting to ensure that we are closely monitoring the situation.

“All necessary steps are being taken to ensure that the cause and nature of this attack is identified. There is no evidence that patient data has been compromised.

“Our officials continue to work closely with affected boards and relevant authorities like the National Cyber Security Centre to take steps to isolate any affected systems.

“Our priority is to ensure that boards get all the support required to identify the full extent of any problems, and return IT systems to normal as soon as possible, so there is as little impact on patient care as possible.

“I would like to thank all of the NHS staff who are continuing to work hard to ensure that the impact of this attack is kept to an absolute minimum.  I have complete confidence that they will continue to provide the excellent care for which they are famous.”

Further meetings of SGORR will be held over the weekend as required.


Media enquiries

Back to top