Threat advice and intelligence

Threat intelligence bulletins are issued to users registered on the respond to an NHS cyber alert service in real time when a threat is assessed as high-severity, or weekly via email to anyone registered to receive the cyber alert bulletin.

Additionally, we provide specific, local threat alerts to individual organisations based on information identified via monitoring and threat protection services.

To keep updated on new cyber alerts subscribe to our cyber alerts RSS feed.

Every low, medium and high severity cyber alert that we publish will be included in this feed.

RSS URI: https://digital.nhs.uk/feed/cyber-alerts-feed.xml

Guidance on subscribing to the feed

There are multiple ways to subscribe, but to help you we have provided some common methods here with links to relevant guidance:

• Subscribe to an RSS feed in Microsoft Outlook
• Connect the RSS feed to a Microsoft Teams channel
• Utilise one of the publicly available RSS readers for your phone or internet browser.

We proactively monitor the dark web, looking for potential breaches of NHS email addresses and other personal information. 

When these credentials have been compromised, they are reported to specific organisations to take action.

In the event of a cyber security incident we can use SMS (text) messaging to provide information and updates to health and care leaders. Messages direct individuals to the very latest guidance and advice.

To report an urgent cyber security issue, call 0300 303 5222.

For general queries, to sign-up to any of our services or to give us feedback, call 0300 303 5222 or email [email protected].