Update on Synnovis cyber attack and where to get support with your questions
What has happened?
The National Crime Agency and National Cyber Security Centre are working to verify the data included in the published files as quickly as possible.
The NHS understand that people may be concerned by this and as more information becomes available through Synnovis’ full investigation, they will continue to update patients and the public on their webpage.
I am worried about this, what should I do?
If you need to speak to someone about your questions, please call the NHS incident helpline on 0345 8778967.
You should continue to use the NHS as normal if you are worried about your health, but please do not contact your local hospital or GP practice to ask whether your data has been impacted by this attack as they do not hold this information.
Am I at risk of getting scammed?
The NHS haven’t yet been able to verify what has been stolen or the claims made by the cyber criminals. You should always be alert to approaches from anyone claiming to have your data and to any other suspicious calls or emails, particularly if you are asked to provide personal or financial data.
If you are contacted by someone who claims they have your data please contact Action Fraud who are the UK’s national reporting centre for fraud and cybercrime or call 0300 123 2040.
Send suspicious emails to report@phishing.gov.uk or texts to 7726.
The National Cyber Security Centre (NCSC) has further guidance for individuals and families on data breaches.
If I get an email from an NHS address, how do I know it’s legitimate?
There is no suggestion the criminals have gained access to the NHS email system. However, you will not receive unexpected contact from the NHS asking for personal or financial information.
If you receive an unexpected or suspicious email or a communication by other means that claims to come from the NHS, you should double-check it’s legitimate by contacting the organisation or department directly.
Don’t use an address or phone number from the message itself – use the details from the official organisation’s website, for example the NHS trust or GP practice where you’ve been receiving care.
I’ve been contacted by someone who claims to have my data – what should I do?
Please contact Action Fraud who are the UK’s national reporting centre for fraud and cybercrime or call 0300 123 2040.
I have received a suspicious email/SMS what should I do?
Send suspicious emails to report@phishing.gov.uk or texts to 7726.