Cyber Incident Victim: Guernsey's Medical Specialist Group

In December 2021, the Guernsey's Medical Specialist Group (GMSG) experienced a cyber incident that disrupted its email system. The breach resulted in unauthorized parties sending emails to patients and contacts while impersonating the medical group. GMSG Chief Executive Jon Buckland publicly confirmed the incident and stated that law enforcement had launched an investigation. The organization acted to immediately re-secure its compromised email infrastructure following the attack. Buckland issued a formal apology to affected individuals, acknowledging the inconvenience and concern caused by the event. The incident specifically involved external threat actors exploiting vulnerabilities in GMSG's email communications platform. No additional details regarding the attack methodology or duration of system compromise were disclosed publicly.

GMSG collaborated with the States of Guernsey's information security officer and local police throughout the investigation. The organization emphasized its commitment to cybersecurity and data protection protocols during the response. Buckland indicated the investigation aimed to identify perpetrators and prevent subsequent criminal activity stemming from the breach. No evidence suggested patient medical records or clinical systems were accessed during the incident. The medical group maintained operational continuity for core healthcare services while addressing the email system compromise. Public communications focused on transparency regarding the email system intrusion without speculating about potential data exposure. Law enforcement authorities continued investigative work to determine the origin and full scope of the attack.