1. Details of any ransomware that has affected any of the IT systems used by the Maidstone and Tunbridge Wells NHS Trust. In each case this should include:
O The name of the ransomware
O The systems affected by the attack and what it is normally used for
O The operating system being run
O When and for how long systems were affected
O How the systems were affected, i.e. whether files were decrypted, systems locked, or other (please specify)
O What would happen if the ransom was not paid
O How the ransomware gained access to the network, i.e. phishing email, USB stick, other (please specify)
O The ransom requested
O If the ransom was paid and the total ransom paid for the attack
O The number of medical activities (e.g. operations, scans, prescriptions, etc) that had to be suspended or altered during the infection period
2. Details of any other type of malware that has affected any of the IT systems used by the Maidstone and Tunbridge Wells NHS Trust. In each case this should include:
O The name of the malware
O The systems affected by the attack and what it is normally used for
O The operating system being run
O How the systems were affected, i.e. whether files were decrypted, systems locked, data stolen or other (please specify)
O When and for how long systems were affected
O How the ransomware gained access to the network, i.e. phishing email, USB stick, other (please specify)
O The number of medical activities (e.g. operations, scans, prescriptions, etc) that had to be suspended or altered during the infection period
3. Any correspondence between senior members of staff about incidents logged as part of 1 and 2.
4. Any correspondence between the Maidstone and Tunbridge Wells NHS Trust and government departments logged as part of 1 and 2.