NRS Healthcare experienced a 'cybersecurity incident' on 1 April 2024, when an unauthorised third party gained access to its systems.
The company reported the incident to the Information Commissioner's Office and liaised with the National Cyber Security Centre and the police.
For the past 12 months, NRS have been working with cybersecurity experts to conduct a thorough investigation of the impacted data.
In June, the ICB, East Riding of Yorkshire Council and Hull City Council were advised by NRS that part of the impacted data included personal and special category data relating to service users in the area.
At the time of the data breach, the ICB was a commissioner of this service, but it no longer holds a contract with this company, which is in the process of being liquidated.
NHS Humber & North Yorkshire ICB, East Riding of Yorkshire Council and Hull City Council, said: ‘We would like to sincerely apologise to our service users for any concern this may cause. We understand that this may be distressing for both service users and their families.'
Anyone who feels they were a 'victim of fraudulent activity' due to the security breach have been advised to get in touch with the ICB.
