NHS Greater Glasgow and Clyde cyber-attack: FOI release

Information requested

1. A confirmation of the date and time the Scottish Government were made aware of the cyber-attack by the NHSGG&C
2. A copy of all correspondence between NHSGG&C and the Scottish Government regarding the cyberattack since it occurred to present day (date of foi request).

Response

Question 1:

Due to the UK-wide nature of the cyber incident, that was targeted at a service provider rather than the NHS, the Scottish Government was first alerted by the national cyber security team hosted by NHS National Services Scotland on 04 August 2022. NHS National Services managed the alerting and coordination of the required response on behalf of all Health Boards in Scotland, including NHS Greater Glasgow & Clyde

Question 2:

Please see a separate attachment regarding the correspondence you have requested.

While our aim is to provide information whenever possible, in this instance we are unable to provide some of the information you have requested because due to exemption under section 33(1)(b)) (commercial interests and the economy) of FOISA that applies to that information. The reason for this being disclosure would (or would be likely to) prejudice substantially the commercial interests of any person or organisation.

Additionally, some information has been redacted under section 35(1)(a)) (prevention or detection of a crime) of FOISA. This is due to some correspondence containing sensitive information, which if released could compromise the security of systems.

About FOI

The Scottish Government is committed to publishing all information released in response to Freedom of Information requests. View all FOI responses at http://www.gov.scot/foi-responses.

FOI 202200331709 - Information Released - Correspondence Binder

File type

142 page PDF

File size

5.3 MB