NHS Greater Glasgow and Clyde cyber-attack: FOI release

Information request and response under the Freedom of Information (Scotland) Act 2002.


Information requested

  1. A confirmation of the date and time the Scottish Government were made aware of the cyber-attack by the NHSGG&C
  2. A copy of all correspondence between NHSGG&C and the Scottish Government regarding the cyberattack since it occurred to present day (date of foi request).

Response

Question 1:

Due to the UK-wide nature of the cyber incident, that was targeted at a service provider rather than the NHS, the Scottish Government was first alerted by the national cyber security team hosted by NHS National Services Scotland on 04 August 2022. NHS National Services managed the alerting and coordination of the required response on behalf of all Health Boards in Scotland, including NHS Greater Glasgow & Clyde

Question 2:

Please see a separate attachment regarding the correspondence you have requested.

While our aim is to provide information whenever possible, in this instance we are unable to provide some of the information you have requested because due to exemption under section 33(1)(b)) (commercial interests and the economy) of FOISA that applies to that information. The reason for this being disclosure would (or would be likely to) prejudice substantially the commercial interests of any person or organisation.

Additionally, some information has been redacted under section 35(1)(a)) (prevention or detection of a crime) of FOISA. This is due to some correspondence containing sensitive information, which if released could compromise the security of systems.

About FOI

The Scottish Government is committed to publishing all information released in response to Freedom of Information requests. View all FOI responses at http://www.gov.scot/foi-responses.

Contact

Please quote the FOI reference
Central Enquiry Unit
Email: ceu@gov.scot
Phone: 0300 244 4000

The Scottish Government
St Andrews House
Regent Road
Edinburgh
EH1 3DG

Back to top