DORCHESTER hospital workers have been caught up in a high-level cyber-security attack that has put hundreds at risk across the country.

Computer hackers have stolen private files from the company Landauer, which is employed by the NHS to monitor radiation levels among staff.

They hold personal details such as names, dates of birth, national insurance numbers and radiation dose of workers across the county including from Dorset County Hospital (DCH). Fortunately fewer than 55 employees at DCH were affected.

The company confirmed the attack, which has left hundreds of people across the country vulnerable to identity fraud, did not just affect the NHS but a ‘number of clients’.

The government’s newly formed National Cyber Security Centre (NCSC) set up to fight the rising threat of cyber-attacks refused to reveal information about the hackers including where they were from or exactly how many people are affected.

The NCSC tackled 188 attacks in its first three months.

A spokesperson for Dorset County Hospital said: “On January 19 2017 Dorset County Hospital NHS Foundation Trust received a letter which informed us that there had been an information security breach on one of the servers at Landauer UK, a third party organisation who supply our Dosimetry service, an externally provided service that monitors, analyses and reports on the radiation dosages that staff who regularly use radioactive equipment and devices are exposed to.

“The incident occurred in October 2016 and has affected Trusts and non-NHS organisations nationwide, including Dorset County Hospital. Fortunately the number of staff from DCHFT who were involved in this data security breach was small, with fewer than 55 current or former employees affected. Of these employees, fewer than 10 had more than their name breached, and all of these individuals have been offered a 12 month ‘ProtectMyID’ service via Experian, courtesy of Landauer.

"The Trust communicated immediately with those staff affected, writing to each individually and have since provided further assurance to staff.

“As the data controller, the Trust has also reported this incident to the Information Commissioner’s Office as a Serious Incident Requiring Investigation, and has been advised not to conduct an individual investigation as NHS Digital will be investigating this national incident centrally.

"Landauer have also engaged the Police Cyber Crime Unit to conduct an investigation. The Trust awaits the outcome of these investigations and is confident that affected staff have been fully supported and reassured of the use of their information. At no point was any patient information or information on servers at DCHFT compromised.”

A GOVERNMENT spokesperson said: “NHS Digital is working to support the organisations affected by this external breach, and health and care organisations are aware of their responsibility to support affected staff.

“This government takes digital security extremely seriously and our five year National Cyber Security Strategy is supported by £1.9 billion of transformational investment.

“There is an increased cyber threat to the UK and when attacks do happen, people and businesses can get advice and support from the government’s new National Cyber Security Centre.”

A spokesman for Landauer added: “We confirm that one of Landauer Europe’s UK servers was the target of a security attack in late 2016 which unfortunately resulted in data held on behalf of a number of clients being compromised.

“Landauer’s security team acted swiftly to secure our UK system within 24 hours of any data being compromised and ensure that the data compromised was kept to a minimum. Following the incident, we engaged a leading global firm of forensic IT specialists to conduct a thorough investigation to identify the scope of data compromised. We are confident that we have identified all affected clients and have undertaken a program to notify them of the incident. In the interests of client confidentiality, we will not be providing further details of the incident at this stage or providing further comment.”

Landauer has arranged for staff affected to have free access to the credit monitoring agency Experian for the next 12 months.