Published on: 11 May 2022

We have been advised that the NHS in the northwest is currently being targeted by hackers. They are using email to try and steal people’s passwords. This is also a direct threat to our organisation and all IT users must be extra vigilant.  

We understand hackers have compromised the email addresses of the North Cumbria Integrated Care Trust and three other NHS organisations in the North West and also the People First and Pennine Care organisations. It is likely they have hacked other organisations as well. 

If you receive an email from any of the organisations above or another organisation you know, it is likely you will be more trusting about the content. You may even be expecting a message from them. Please be aware that any employee from these organisations could have been hacked and even if you know the sender you should not automatically trust that it is a legitimate email. 

If necessary, check with the person who has sent the email, that it is from them and that they meant to send it to you. 

These emails may ask you to download a file or click a link. Often these take you to a fake site that asks you for your username and password - PLEASE DO NOT PROVIDE THIS. It is really important that you are cautious about clicking on any links or opening any documents in emails. 

NEVER put in your Trust username and password anywhere outside the Trust's own systems and do not attempt to install any software which is not approved by IT. 

If you have clicked on a suspect link and entered your password, please change your password immediately and inform the IT security team stsft.cybersecurityteam@nhs.net and Trust IT Service Desk stsft.itservicedesk@nhs.net. 

Making the IT team aware allows them to put measures in place to protect our systems. You won't be in any trouble and all reports will be treated in confidence.

Please make sure that colleagues are aware of this information and specific threat. This helps us to keep out IT systems safe, thank you!

Return to News Feed