GP practices in Tayside have been attacked eight times by ransom-demanding hackers in two years.
The Tele can reveal that ransomware — a type of computer virus which restricts access to a computer system until a ransom is paid — has been detected on NHS Tayside systems on eight occasions since May 2014.
According to NHS Tayside data, two GP practices in Dundee were targeted by hackers — Taycourt Surgery in the West End and also Stobswell’s Wallacetown Health Centre.
Along with Taycourt Surgery in Perth, Aberfeldy & Kinloch Rannoch Medical Centre, Loch Leven Health Centre and “various secondary care” sites have been affected by the virus since May 2014.
NHS Tayside confirmed patient details were not compromised at any point following the breaches and no ransom money was paid to the perpetrators.
Andy Doig, a computer technician with local computer repair specialists 3000rpm, said people should be vigilant while online to prevent being a victim of ransomware.
He said: “What generally occurs with ransomware is someone will click on an infected link and nothing will happen.
“It is basically working away in the background encrypting all the files on the computer.
“Then the person will just see a screen demanding money to decrypt the data — the hackers can sometimes demand hundreds of pounds.
“We actually had one person come in and they were being asked to pay several hundreds of pounds.
“We use between 10 and 15 programmes to fix it. There has been a bit of a drop this year, it was a huge problem last year.
“If it targets patient details it could be dangerous.
“It’s lucky that the viruses were intercepted.”
A spokeswoman for the health board said action had been taken to ensure that staff members were aware of how to avoid becoming a victim of ransomware.
She added: “There has been a series of targeted communications to staff as well as regular updates on the NHS Tayside intranet site to raise awareness of the threat and to advise staff of how they should react to suspicious communications.
“By giving staff knowledge of how to deal with suspicious communications, the risk of a staff member activating a ransomware package is greatly reduced.”