Mobile numbers of Scottish NHS staff compromised following software company data breach 

Mobile numbers of Scottish NHS staff at seven health boards have been compromised following a software company data breach.

The third party supplier, which has not been named, was impacted by a security incident that led to the mobile phone numbers of temporary ‘bank staff’ being exposed online.

Scott Barnett, head of information and cybersecurity at NHS National Services Scotland, said: “A sub-contractor of a third-party supplier to several NHS Scotland boards has experienced a cyber incident.

“Our supplier has assured us that the situation was promptly addressed. Although the incident did not directly target any NHS Scotland board, some workforce data has unfortunately been compromised affecting a small number of staff.

“Impacted staff will be notified and will receive appropriate advice and guidance from their respective NHS Scotland Boards. There was no risk to patient data as a result of this incident.”

A Scottish Government spokesperson said: “Ministers are aware of an incident that resulted in the mobile numbers of those staff registered on the Bank Staff rostering system, used by seven health boards, being accessed.  Individual health boards will contact affected staff.

“No NHS systems or personally identifiable information have been compromised and all services continue to be delivered as normal. The Information Commissioner has been notified.”