No patient data was compromised, officials say

May 19, 2017 12:15 GMT  ·  By

The WannaCry ransomware outburst that started last week compromised a total of 1,500 Windows XP computers at NHS Scotland, Health Secretary Shona Robison revealed, adding that the organization still has some 6,500 PCs running the unsupported operating system.

Speaking about the outcome of the WannaCry attack, Robison explained that systems running other versions of Windows were also compromised, including many powered by Windows Server 2003.

“At the moment we understand mainly Windows 2007 and Windows 2003 devices were affected and only a small number of Windows XP devices were affected,” Robison said in a statement.

“I know Windows XP has been an issue raised within the media. What I can say about that is there are approximately 6500 XP devices out of around 153,000 total devices, less than 5%.”

No patient data exposed

On the other hand, authorities in Scotland explain that no breaches of patient data were experienced and no information was stolen as part of the attack, as hackers only demanded a ransom payment to restore access to files.

Robison went on to explain that the government is currently working on plans to prevent similar infections in the future, without revealing whether an upgrade from Windows XP to a supported operating system is planned or not.

“Reviews are already underway to capture what can be improved to ensure that we reduce the chances of a similar attack happening in the future,” she said.

Windows XP was launched by Microsoft in 2001 and no longer receives support since April 2014. XP was one of the versions targeted by WannaCry, with Microsoft itself deciding to roll out a patch, despite the operating system being unsupported, to prevent the ransomware from exploiting a known vulnerability in the OS.

At this point, Windows XP has a global market share of 7 percent, but after the WannaCry fiasco, more users are likely to migrate to a newer operating system as soon as possible.