South Scotland MSP Colin Smyth has described as “deeply concerning for NHS staff and patients” reports that a ransomware group is threatening to release stolen NHS Scotland patient and staff data.

The reports come two weeks after NHS Dumfries and Galloway were targeted in a cyber-attack where it was reported that hackers may have acquired “a significant quantity” of patient and staff data.

Last week Colin Smyth raised his fears in Parliament with the Health Secretary that the attack on NHS Dumfries and Galloway was related to “extortion” attempts.

Colin Smyth said, “These reports will be deeply concerning for staff and patients in Dumfries and Galloway and across Scotland. While details of the recent cyber-attack on the health board have been limited, past attacks on public bodies are often related to extortion attempts and I have no doubt that this will have been the motive in the recent attack on Dumfries and Galloway.

“Although there is an ongoing police investigation into that attack, and we don’t know just how much data has been stolen from NHS Dumfries and Galloway and whether that data is still out there, the health board and Scottish Government need to be open with the public over how credible they believe these threats are, what areas they cover and what this may mean for patients and staff there.

“There is nothing more personal that someone’s health records and patients in Dumfries and Galloway, and in other health board areas, deserve to know just how safe their data is. They shouldn’t have to read about possible threats on the internet and then wonder if this could affect them”.