The BBC reports that NHS staff in Scotland have had their mobile phone numbers revealed in a cyber security incident involving a third-party supplier to several health boards. NHS Grampian confirmed that staff phone numbers had been obtained and NHS Dumfries and Galloway also issued an alert to staff.

The breach had occurred with a supplier involved in the software used for staff scheduling and management. The health board said it understood that all text messages sent on the system over the past three months had been compromised. It said mobile numbers may have been obtained by “unknown individuals”.

Head of Information Scott Barnett, said: “Although the incident did not directly target any NHS Scotland board, some workforce data has unfortunately been compromised, affecting a small number of staff. Impacted staff will be notified and will receive appropriate advice and guidance from their respective NHS Scotland boards.”

The Scottish government commented “Ministers are aware of an incident that resulted in the mobile numbers of those staff registered on the bank staff rostering system, used by seven health boards, being accessed. No NHS systems or personally identifiable information have been compromised and all services continue to be delivered as normal.”

Actions
  • Ensure you have appropriate technical and organisation measures in place to protect data
  • Ensure staff receive training in data protection policies and procedures

Source NHS staff mobile numbers revealed in data breach – BBC News

Importance: For your information

For further discussion and support, including data protection awareness training services please Contact Us