Skip to content
Contents

History & details of Cyber Attacks July22-July24

Reference: 24-25178

Date response sent: 05/08/2024

Details of enquiry

  1. How many cyber incidents (threat and breach) occurred in the last two years (1st of July 2022-1st of July 2024)?

 

  1. For each of the following cyber incident types, please indicate if your organisation experienced them in any month from the 1st of July 2022- 1st of July 2024. If yes, specify the month(s) in which they occurred:
    • Phishing attacks: Yes/No. If yes, which month(s)?
    • Ransomware attacks: Yes/No. If yes, which month(s)?
    • Distributed Denial of Service (DDoS) attacks: Yes/No. If yes, which month(s)?
    • Data breaches: Yes/No. If yes, which month(s)?
    • Malware attacks: Yes/No. If yes, which month(s)?
    • Insider attacks: Yes/No. If yes, which month(s)?
    • Cloud security incidents: Yes/No. If yes, which month(s)?
    • Social engineering attacks (excluding phishing): Yes/No. If yes, which month(s)?
    • Zero-day exploits: Yes/No. If yes, which month(s)

 

  1. For each of the following supplier types, please indicate if any cyber incidents related to them occurred between the 1st of July 2022-1st of July 2024. If yes, specify the volume of cyber incidents that occurred:
    • IT service providers: Yes/No
    • Medical equipment suppliers: Yes/No
    • Software vendors: Yes/No
    • Cloud service providers: Yes/No
    • Data storage/management companies: Yes/No
    • Telecommunications providers: Yes/No
    • Security service providers: Yes/No
    • Managed service providers (MSPs): Yes/No
    • Third-party payment processors: Yes/No

 

  1. During the period from 1st of July 2022 -1st of July 2024, did your organisation experience any of the following impacts due to cyber incidents?
    • Were any appointments rescheduled due to cyber incidents? Yes/No
    • Was there any system downtime lasting more than 1 hour? Yes/No
    • Did any data breaches occur? Yes/No
    • Were any patients affected by data breaches? Yes/No

 

  1. What percentage of your cybersecurity budget is allocated to each of the following supply chain security technologies? Please indicate the percentage for each:
    • Third-party risk assessment tools: ___%
    • Vendor management systems: ___%
    • Supply chain visibility and monitoring solutions: ___%
    • Secure data sharing platforms: ___%
    • Multi-factor authentication for supplier access: ___%
    • Endpoint detection and response (EDR) for supplier systems: ___%
    • API security solutions: ___%

Response sent

  1. How many cyber incidents (threat and breach) occurred in the last two years (1st of July 2022-1st of July 2024)?

One

  1. For each of the following cyber incident types, please indicate if your organisation experienced them in any month from the 1st of July 2022- 1st of July 2024. If yes, specify the month(s) in which they occurred:

a. Phishing attacks: Yes/No. If yes, which month(s)?

Yes, random months

b. Ransomware attacks: Yes/No. If yes, which month(s)?

No

c. Distributed Denial of Service (DDoS) attacks: Yes/No. If yes, which month(s)?

No

d. Data breaches: Yes/No. If yes, which month(s)?

No

e. Malware attacks: Yes/No. If yes, which month(s)?

No

f. Insider attacks: Yes/No. If yes, which month(s)?

No

g. Cloud security incidents: Yes/No. If yes, which month(s)?

No

h. Social engineering attacks (excluding phishing): Yes/No. If yes, which month(s)?

No

i. Zero-day exploits: Yes/No. If yes, which month(s)

No

  1. For each of the following supplier types, please indicate if any cyber incidents related to them occurred between the 1st of July 2022-1st of July 2024. If yes, specify the volume of cyber incidents that occurred:

j. IT service providers: Yes/No

No

k. Medical equipment suppliers: Yes/No

No

l. Software vendors: Yes/No

Yes

m. Cloud service providers: Yes/No

No

n. Data storage/management companies: Yes/No

No

o. Telecommunications providers: Yes/No

No

p. Security service providers: Yes/No

No

q. Managed service providers (MSPs): Yes/No

No

r. Third-party payment processors: Yes/No

No

  1. During the period from 1st of July 2022 -1st of July 2024, did your organisation experience any of the following impacts due to cyber incidents?

s. Were any appointments rescheduled due to cyber incidents? Yes/No

Yes

t. Was there any system downtime lasting more than 1 hour? Yes/No

Yes

u. Did any data breaches occur? Yes/No

No

v. Were any patients affected by data breaches? Yes/No

No

  1. What percentage of your cybersecurity budget is allocated to each of the following supply chain security technologies? Please indicate the percentage for each:

We do not breakdown the IMT budget to this level, as cyber security is an essential part of overall IM&T costs.

Back to top