Over 100 NHSmail boxes have been hit by a phishing attack, according to a statement by NHS Digital.
It said 113 mailboxes were compromised and sent malicious emails to external recipients between Saturday 30 May and Monday 1 June 2020, while also stating there is no evidence of patient records having been accessed.
It added that the National Cyber Security Centre (NCSC) had confirmed it was not a targeted cyber attack but a sweep to harvest user credentials.
An NHS Digital spokesperson said: “We are working closely with the National Cyber Security Centre, who are investigating a widespread phishing campaign against a broad range of organisations across the UK. This has affected a very small proportion of NHS email accounts.
“We are investigating this issue and have taken the precaution of asking all mailboxes that have a similar configuration to the compromised accounts to change their passwords with immediate effect.
“We have worked with the organisations involved to isolate affected accounts, supported them to make any necessary changes and have advised affected individuals.”
The organisation said it is continuing to monitor the network of 1.41 million NHSmail accounts for suspicious activity and evolving security threats. It added that all affected individuals will have received an email from us by Tuesday 16 June 2020.
Earlier this year, NHS Digital announced plans to improve its security through a series of measures, including the creation of a password synchronisation micro-service to align passwords used in the NHS Directory and local active directories.
NHS Digital said that in the past year there has been a 94% decrease in phishing emails sent to NHSmail accounts due to a range of steps taken.
Image from psd.scot.nhs.uk, Open Government Licence