FOI/202200331709 · FOI · partially withheld

NHS Greater Glasgow and Clyde cyber-attack: FOI release

Published: 2024-07-24
Received: 2022-11-23
Responded: 2022-12-22
Directorate: Digital Health and Care Directorate
Topic: Public sector
Exemptions: 33(1), 35(1)

Information requested

A confirmation of the date and time the Scottish Government were made aware of the cyber-attack by the NHSGG&C A copy of all correspondence between NHSGG&C and the Scottish Government regarding the cyberattack since it occurred to present day (date of foi request).

Response

Question 1:

Due to the UK-wide nature of the cyber incident, that was targeted at a service provider rather than the NHS, the Scottish Government was first alerted by the national cyber security team hosted by NHS National Services Scotland on 04 August 2022. NHS National Services managed the alerting and coordination of the required response on behalf of all Health Boards in Scotland, including NHS Greater Glasgow & Clyde

Question 2:

Please see a separate attachment regarding the correspondence you have requested.

While our aim is to provide information whenever possible, in this instance we are unable to provide some of the information you have requested because due to exemption under section 33(1)(b)) (commercial interests and the economy) of FOISA that applies to that information. The reason for this being disclosure would (or would be likely to) prejudice substantially the commercial interests of any person or organisation.

Additionally, some information has been redacted under section 35(1)(a)) (prevention or detection of a crime) of FOISA. This is due to some correspondence containing sensitive information, which if released could compromise the security of systems.

About FOI

The Scottish Government is committed to publishing all information released in response to Freedom of Information requests. View all FOI responses at http://www.gov.scot/foi-responses.

Detected exemption language

While our aim is to provide information whenever possible, in this instance we are unable to provide some of the information you have requested because due to exemption under section 33(1)(b)) (commercial interests and the economy) of FOISA that applies to that information. Additionally, some information has been redacted under section 35(1)(a)) (prevention or detection of a crime) of FOISA.

Attachments

FOI 202200331709 - Information Released - Correspondence Binder 142 page PDF 5.3 MB

Similar releases

Correspondence discussing the response to FOI request 202600503390: FOI release 2026-05-15 · partially withheld · 2 files
Perth and Kinross broadband queries: FOI release 2026-05-14 · not held · 0 files
Crown Office and Procurator Fiscal Service funding query: FOI release 2026-05-14 · unclear · 0 files
Scottish Government documentation regarding the procurement of Oracle: FOI release 2026-05-14 · not held · 0 files
Brand Scotland marketing spend information: FOI release 2026-05-13 · unclear · 0 files
Number of Freedom of Information requests which have proceeded to a review: FOI release 2026-05-13 · unclear · 0 files
Sensitive and routine Freedom of Information request statistics: FOI release 2026-05-12 · unclear · 0 files
Correspondence regarding Information Commissioner decision notices: FOI release 2026-05-12 · partially withheld · 2 files