HSE Halts Medical Card Issuance After Cyberattack on External Provider
The Health Service Executive has suspended the issuing of medical cards and several related health documents following a cyberattack on an external card-printing contractor.
The HSE confirmed on Friday that its own systems were not compromised in the incident. However, the card-printing company that produces plastic medical cards, European Health Insurance Cards (EHICs), long-term illness cards, drugs payment scheme cards, and GP visit cards suffered a breach on its systems.
A "small number" of HSE records were accessed during the attack, the health authority said.
Services Paused:
Plastic medical cards
European Health Insurance Cards (EHICs)
Long-term illness cards
Drugs payment scheme cards
GP visit cards
The HSE has reported the breach to the Data Protection Commission and is working with the external provider to assess the extent of the data accessed. The authority has pledged to notify any individuals whose data may have been impacted.
What You Need to Know:
No reduction in services — the HSE has confirmed that care and entitlements remain unchanged
Provisional replacement certificates will be provided while the pause is in effect
Adult EHIC cards can still be added to Apple Wallet or Google Wallet via the HSE app
Individual eligibility for any of the affected cards has not been impacted
Anyone with concerns about their application or the status of their card is advised to contact the HSE on 0818 224 478.
The incident comes as the latest in a series of cyber security challenges facing Irish public services, raising ongoing questions about the resilience of third-party supply chains handling sensitive citizen data.