# Hacked Medical records (HSE)



## Thirsty (23 May 2021)

Does anyone know how one might find out if their medical records were published? (Aside from waiting for scammers)


----------



## noproblem (23 May 2021)

Not a clue how you might find that out, and to tell you the truth I care less if they are or not. One thing's for sure, I won't be suing anyone if they are published and i've had plenty wrong medically over the years. I live in Ireland and am fairly certain the neighbours know everything anyway. If the rest of the country find out? So what?


----------



## Gordon Gekko (23 May 2021)

noproblem said:


> Not a clue how you might find that out, and to tell you the truth I care less if they are or not. One thing's for sure, I won't be suing anyone if they are published and i've had plenty wrong medically over the years. I live in Ireland and am fairly certain the neighbours know everything anyway. If the rest of the country find out? So what?


That’s fine for you, but there could be people with very confidential or sensitive issues.


----------



## noproblem (24 May 2021)

Gordon Gekko said:


> That’s fine for you, but there could be people with very confidential or sensitive issues.


True and I understand that, but it is what it is and can't be changed. In any case, doesn't answer the Op's question


----------



## bunny_ (24 May 2021)

I would imagine the HSE (or rather the guards) are monitoring the Dark Web for medical records being sold, I heard something like the low 20's in number were out there and RTE said that a lot were untouched the other day... if you're unlucky that you were published then I'm sure they would contact you as the guards are involved on the case at this stage...


----------



## Thirsty (24 May 2021)

All medical information for all citizens is confidential and sensitive.  It's not a unique condition to any one person.

I don't have quite the same confidence that Gardai would contact everyone directly; in fact I'd be pretty certain they wouldn't expend time on it.


----------



## Clamball (24 May 2021)

I would love to see what medical records about me were out there but I doubt if anyone else would find them as interesting as me.  I can however understand others who would be extremely upset if they had the same experience.  The horribleness of the invasion of privacy is horrendous.

Plus all the pay and personal details of the HSE staff is probably floating around.  

I wouldn’t have any idea about how to find my data, maybe journalists will be able to demonstrate but will website publishing the days be shut down as soon as they are discovered?


----------



## Gordon Gekko (24 May 2021)

noproblem said:


> True and I understand that, but it is what it is and can't be changed. In any case, doesn't answer the Op's question


So why did you post it then?

The chronology was:

- OP asks how to find out if medical records have been published
- You say that you’ve no idea but then tell everyone that you don’t care anyway
- I point out that it may be fine for you but not for other people
- You rather bizarrely tell me that I’m not answering the OP’s question

Very strange.


----------



## Brendan Burgess (24 May 2021)

Folks - please keep your personal dispute out of this and focus on the original question only.  Any further off topic posts will be deleted.

Maybe go to Letting off Steam if you really must continue the conversation.

Brendan


----------



## Thirsty (24 May 2021)

Clamball said:


> I wouldn’t have any idea about how to find my data


You are entitled to a full copy of all your medical data from anywhere you were treated including anything in paper format.

This might not be a good time to ask however!


----------



## Itchy (24 May 2021)

Thirsty said:


> Does anyone know how one might find out if their medical records were published? (Aside from waiting for scammers)



There is a high court injunction in place regarding the data, so it is highly unlikely that the data will be generally accessible from Ireland through the likes of Google, Facebook, Twitter etc. Crude but necessary legal measure however, the effectiveness will low. Highly likely that the data will be used for scamming purposes over the next couple of years.



bunny_ said:


> I would imagine the HSE (or rather the guards) are monitoring the Dark Web for medical records being sold, I heard something like the low 20's in number were out there and RTE said that a lot were untouched the other day... if you're unlucky that you were published then I'm sure they would contact you as the guards are involved on the case at this stage...



The HSE will be obliged to contact those whose data has been compromised.


----------



## Itchy (24 May 2021)

Thirsty said:


> This might not be a good time to ask however!



If you contact them now you could get on the waiting list!


----------



## DublinHead54 (24 May 2021)

Thirsty said:


> Does anyone know how one might find out if their medical records were published? (Aside from waiting for scammers)



This website  in general is good but is likely tracking websites only and probably doesn't capture the HSE. Also as I understand with this hack everyone's data is at risk. 

The other option is to access the dark web yourself, which can be done via the TOR Browser. It then depends whether the hackers themselves have published publically or just put them up for sale. It would just then be a lot of searching on TOR to see if they are available publically. 

It is quite a difficult situation and if think it is best just to wait and see if the Gards or HSE reach out to notify you.


----------



## Thirsty (24 May 2021)

As I've previously pointed out, it's not unique to any one person.

I'd like to see a process for people to be notified - at the very least they would be (one hopes) more on guard against scammers.

So far I've not seen anything published from HSE as to what action they will take.


----------



## tnegun (24 May 2021)

+1 for  they index this content when it becomes available so looking for your phone number or email if HSE had it might return some results.


----------



## Up Rovers (24 May 2021)

It was mentioned on one of the news items on telly last week that they will probably release records on psychiatric patients as they would be seen as more vulnerable and easier to get money out of.


----------



## Peanuts20 (25 May 2021)

Bear in mind, it won't just be your medical records. The hackers are also likely to have your name, DOB, address, phone and email, PPS number, Medical card number, Private insurance details and next of kin details as well as copies of your signature (if it had been scanned). In effect, enough to carry out a decent attempt at a scam. That's before we know if any payment details or IBAN's were also compromise.


----------



## elcato (25 May 2021)

Peanuts20 said:


> The hackers are also likely to have your name, DOB, address, phone and email, *PPS number*,


I don't recall ever being asked for PPS number by my GP or in Hospital but I presume it is common ?


----------



## Sue Ellen (25 May 2021)

elcato said:


> I don't recall ever being asked for PPS number by my GP or in Hospital but I presume it is common ?


Very unusual for a GP not to ask for your PPS number unless you are with them possibly since you were a child.  Hospitals definitely ask.


----------



## Cervelo (25 May 2021)

Do they still ask for your mothers maiden name, I would presume this would be an important bit of info for a hacker


----------



## Peanuts20 (25 May 2021)

Cervelo said:


> Do they still ask for your mothers maiden name, I would presume this would be an important bit of info for a hacker


they did when I registered for the Covid Vac. No idea why.


----------



## Cervelo (25 May 2021)

Peanuts20 said:


> No idea why.


 I always presumed it was an additional check to make sure you are who you say you are


----------



## Laughahalla (30 May 2021)

Sue Ellen said:


> Very unusual for a GP not to ask for your PPS number unless you are with them possibly since you were a child.  Hospitals definitely ask.


My GP asked for my PPS number very recently when I was getting the Covid vaccine.


----------



## Leo (31 May 2021)

First of all, you will need the Tor browser to surf the dark web, then spend hours going from forum to forum to find links to popular market sites (dark web is isn't indexed by the likes of Google search engine). However, don't expect to stumble across your data. The perpetrators of this attack run this as a business, so they don't give away the data for free. They'll likely publish snippets to prove they have valuable data and package up the rest for sale to scammers.


----------



## Thirsty (3 Jun 2021)

Update: 

HSE say that if they are alerted to data being published online they will notify the Data Protection Commission & take the "necessary action".

Not sure if that includes contacting the impacted person & letting them know what has been published.

Link: https://www2.hse.ie/services/cyber-attack/if-you-are-affected-by-a-data-breach.html


----------



## roker (26 Jul 2021)

noproblem said:


> Not a clue how you might find that out, and to tell you the truth I care less if they are or not. One thing's for sure, I won't be suing anyone if they are published and i've had plenty wrong medically over the years. I live in Ireland and am fairly certain the neighbours know everything anyway. If the rest of the country find out? So what?


I agree,  who cares if they find out I've had my appendix out etc.


----------



## Clamball (26 Jul 2021)

Cancer patient to sue Cork's Mercy Hospital over cyber hack
					

Case lodged at Cork Circuit Court on behalf of man who had received treatment for cancer at the hospital and whose files were put up on dark web




					www.google.ie
				




This man cares his cancer treatment information is available online and is suing mercy hospital cork.


----------



## Thirsty (26 Jul 2021)

The solicitor in question has written a post - I'd have to agree with a great deal of what is said here.









						HSE Cyber Attack - July Update - O'Dowd Solicitors
					

It remains something of a surprise to us that there has been so little media coverage of late of the HSE Cyber Attack. Almost two months has now passed since the hacking incident and it appears that health services are still greatly affected and the Health Service Executive remains remarkably...




					www.odowd.ie
				




I find it astonishing that people don't think this is a big deal; the "I don't care, so I don't see why anyone else should" response is quite incredible.


----------



## blanketyblank (27 Jul 2021)

I have unfortunately lots of medical issues - many of them I couldn't care less if they were on the dark web!   If someone knows I had an operation for gall stones I don't care however there are some issues I certainly wouldn't like publicly known!  after reading the article by the solicitor it worries me a little as I've had loads of scam calls lately - one day I counted 12. 
I would hope that if the HSE knew that any information regarding me was on the web that they would tell me.


----------



## Thirsty (27 Jul 2021)

blanketyblank said:


> I would hope that if the HSE knew that any information regarding me was on the web that they would tell me.


I don't believe that will happen.



> many of them I couldn't care less if they were on the dark web! If someone knows I had an operation for gall stones I don't care however there are some issues I certainly wouldn't like publicly known


Again, it's not a question of what any person might be comfortable or otherwise being made public; *all* medical information is private and confidential and the paucity of response and action from HSE is disgraceful.


----------

