An Irish healthcare recruitment company, Healthdaq, has been targeted in a cyber attack that allegedly led to the theft of hundreds of thousands of sensitive files. The platform is used by health trusts in Northern Ireland and other public health bodies internationally to manage recruitment and staffing processes. Trusts have said they are aware of a potential incident affecting a third-party supplier and have advised staff to remain vigilant.

Healthdaq confirmed it detected unauthorised access to certain data on 30 March, describing the breach as involving the extraction of confidential information. The compromised data may include names, contact details, curriculum vitae, qualifications, copies of passports and other government-issued identification, and in some cases health information. The company said the incident has been contained and steps have been taken to secure its systems.

A hacking group known as XP95 has claimed responsibility and is demanding a ransom, alleging it stole nearly half a million files, including driving licences, criminal background checks and vaccination records. The Information Commissioner's Office said it has received a report and is assessing the information. A cyber security expert noted that while hackers may exaggerate claims, established groups often rely on credibility to maintain their influence, and affected individuals have been urged to strengthen passwords and remain alert to suspicious activity.