Last year’s WannaCry attack was a lucky escape, and the government is quite rightfully being urged to learn lessons from the encounter. We are almost a year on from the day that saw around one-third of all NHS Trusts in England disrupted by the malware attack that specifically targeted older (and therefore weaker) systems and servers.
The attack saw hundreds of other NHS organisations – including almost 600 GPs – infected during the attack, and some 20,000 hospital appointments and operations were cancelled.
Ultimately, the WannaCry attack was simple malware that still managed to cripple the NHS. It was a lucky escape, and future attacks involving medical data could be far, far worse.
MPs have understandably warned the government that more must be done to ensure that the country is prepared for future attacks, especially as relations with Russia worsen, with talks of ‘cyberwars’ being fought. The WannaCry malware wasn’t a sophisticated piece of software, yet it still did a great deal of damage. All the WannaCry software did was lock computers and demand a ransom; imagine what would happen if real data was exposed, stolen or erased? What then?
Medical data is priceless in terms of ensuring that it is kept safe and secure. Medical professionals rely on its availability and accuracy to save lives. If the NHS falls victim to a similar, but more sophisticated attack, we could be talking about lives lost here.
The healthcare sector was nowhere near prepared enough for the WannaCry attack. Unless adequate funding is put in place for the NHS to properly secure data, we fear it’s only a matter of time before another major attack hits the NHS and does some serious damage.
Medical data the holy grail of breaches
Medical data breaches remain at the top of the pile in terms of the most breached forms of data. The healthcare sector leads the polls, which is worrying given the nature of the data that they hold.
We regularly advise and represent victims for medical data breach compensation claims. They’re frighteningly common, and the damages that a victim can claim can be quite high because of the nature of the data that is breached.
When it comes to breached medical data, we’re often talking about very personal and sensitive data. If such data is exposed on the internet, it really is the case that it will likely never completely go away.