Coronavirus information

Visitor restrictions, information for patients and more.

View coronavirus information

FOI 5262 Cyber attacks

I am writing to you under the Freedom of Information Act 2000 to request the following information for the period 1st January 2017 to 22nd May 2017:

  1. Details of any Ransomware that has affected any of the IT systems used by the Heart Of England NHS Foundation Trust. In each case this should include:
    • The name of the Ransomware 

WannaCry

    • The systems affected by the attack and what it is normally used for

See Note 1 below

    • The operating system being run

See Note 1 below

    • When and for how long systems were affected-

See Note 1 below

    • How the systems were affected, i.e. whether files were decrypted, systems locked, or other (please specify)

See Note 1 below

    • What would happen if the ransom was not paid

See Note 1 below

    • How the Ransomware gained access to the network, i.e. phishing email, USB stick, other (please specify)

See Note 1 below

    • The ransom requested

$US300

    • If the ransom was paid and the total ransom paid for the attack

No

    • The number of medical activities (e.g. operations, scans, prescriptions, etc) that had to be suspended or altered during the infection period

12 Trauma and Orthopaedic cancellations.

Affected devices were isolated until fixes applied and alternative PCs were used

  1. Details of any other type of malware that has affected any of the IT systems used by the Heart of England NHS Foundation Trust. In each case this should include:
  • The name of the malware

No major malware or virus attacks; however like many organisations the Trust will be subject to virus, Ransomware etc. attacks on a daily basis which are usually detected and prevented by firewalls and AV solutions

    • The systems affected by the attack and what it is normally used for

Not applicable

    • The operating system being run

Not applicable

    • How the systems were affected, i.e. whether files were decrypted, systems locked, data stolen or other (please specify)

Not applicable

    • When and for how long systems were affected

Not applicable

    • How the Ransomware gained access to the network, i.e. phishing email, USB stick, other (please specify)

Not applicable

    • The number of medical activities (e.g. operations, scans, prescriptions, etc.) that had to be suspended or altered during the infection period

Not applicable

  1. Any correspondence between senior members of staff about incidents logged as part of 1 and 2.

See note 1 below

  1. Any correspondence between the Heart of England NHS Foundation Trust and government departments logged as part of 1 and 2.

See Note 1 below

Note 1: Where stated above, the trust does hold this information; however we are withholding it under Section 31 (3) of The Freedom of Information Act as the disclosure could prejudice the prevention or detection of (cyber) crime. There is therefore significant public interest in not providing this information.

 

Thinking of going to Accident and Emergency but not sure if you need to? Try our handy symptom checker.

Try ask A&E

We're improving the accessibility of our websites. If you can't access any content or if you would like to request information in another format, please view our accessibility statement.