Cancer and ambulance services among HSE websites shut down after cybersecurity incident – The Irish Times
Publish Date: 2026-05-04 01:03:00
Source Domain: www.irishtimes.com
Using an unordered list, summarize the following article with between 4 and 8 key points. The Health Service Executive (HSE) is attempting to restore significant web services more than three months after a cybersecurity event hit subsites for the National Cancer Control Centre (NCCC), the National Ambulance Service (NAS) and Cork University Hospital (CUH) among others. Web pages impacted by what it described as “unexpected activity” on one of the site’s servers were taken down. While work to republish the material had been ongoing since, about 20 per cent of the pages remain unavailable.The pages affected are subsites of HSE.ie and provide information on the operations of, and information on access to, services provided by the specific branch organisations.While some have been restored, including CUH and Cork University Maternity Hospital, those for the NAS, the NCCC, Children First National Office and the Medicine Management Programme are among a significant number still listed as unavailable.In a statement, the HSE said its cybersecurity team “detected unexpected activity on one of the web servers that was used to publish HSE publications and web content across a range of topics, as part of their real-time cybersecurity monitoring at the end of January”. The server was managed by an external vendor outside the main HSE network. It said it quickly moved to republish “high-priority content” and most of the information on its new HSE.ie site has now been restored. “Some out-of-date information has not been republished. About 20 per cent of the content is still to be republished,” it said, adding that several additional information websites managed by the vendor were also taken offline. Those included CUH; Cork University Maternity Hospital; understandtogether.ie; sexualhealth.ie; nationalambulanceservice.ie; and ehealthireland.ie. “We are working with the services to make the remaining information available as soon as possible,” the HSE said.The HSE was the victim of a major ransomware attack in May 2021 when all of its systems had to be shut down after 80 per cent of its IT environment had been encrypted in an attempt to extract payment.The event took the HSE four months to recover from with services severely disrupted and a substantial amount of patient data compromised.The organisation had to write to more than 90,000 people whose information had been potentially compromised and by May 2024 it was reported that more than 600 legal actions had been initiated[ HSE offers €750 to victims of system-wide cyberattackOpens in new window ]The organisation was subsequently criticised for a lack of preparedness, a slow centralised response and a lack of capacity to deal with the attack after it was first detected.A Government-backed review of the handling of the attack found the HSE had been operating on “a frail IT estate that had evolved rather than having been designed for resilience and security” with “an over-reliance on legacy systems”. The cost of the attack was put at more than €50 million although this figure did not include the impact on voluntary organisations or quantify the amount of work undertaken by staff.
