DATA from National Records of Scotland (NRS) was accessed and published as part of the criminal cyber-attack on NHS Dumfries and Galloway.
The organisation yesterday confirmed it had been affected.
NRS holds information on the NHS Dumfries and Galloway IT network as it runs an administrative service to allow the transfer of patient records when people move between health board areas, across borders within the UK or move overseas.
Assessment of the stolen information has taken place and they have identified a small number of cases where there was sensitive information held temporarily on the network at the time of the attack.
And NRS say they have already engaged with those affected and informed the Information Commissioner.
In addition, some information which comes from the births, deaths and marriages registers was also accessed. This information is used to correctly identify patients and maintain the accuracy of the service.
NRS chief executive Janet Egdell said: “We are aware that this will be distressing news for those individuals most directly affected. This is a live criminal investigation, and we are working closely with NHS Dumfries and Galloway, Police Scotland, Scottish Government and other agencies involved in the inquiry.
“NRS takes cyber security and privacy seriously. This includes ensuring the continued safe provision of the service we provide.”
A mailbox has been set up for enquiries from members of the public: [email protected].
