Healthdaq, a recruitment platform used by health trusts, has been targeted in a cyber attack involving unauthorised access to sensitive data. In an email to clients, the company said it became aware of the breach on 30 March and has since taken steps to secure its systems. The incident has been described as a confidentiality breach involving the extraction of data.

The compromised information may include names, contact details, curriculum vitae, qualifications, copies of passports and other government-issued identification, and in some cases health information. The company warned there is a risk of identity theft, fraud, or misuse of personal data as a result of the breach. The Information Commissioner's Office confirmed it has received a report and is assessing the details.

Healthdaq works with government and public health bodies internationally, including organisations linked to the National Health Service. A hacking group known as XP95 has claimed responsibility and is demanding a ransom, alleging it has stolen nearly half a million files, including driving licences, criminal background checks and vaccine records.