The phishing incident took place between 30 May and 1 June, compromising 113 mailboxes, which is said to be 0.008% of the accounts in the network as per the agency.
According to NHS Digital, the incident is not being seen as a targeted cyber attack, but as a global phishing campaign that has been designed to cast a wide net.
The agency said that presently there is no proof with it to indicate that patient records have been accessed following the phishing of the NHSmail mailboxes.
NHS Digital further said that it is closely working with the National Cyber Security Centre (NCSC), who are probing a widespread phishing campaign against a wide range of organisations across the UK. The agency said that the campaign has impacted a very small section of NHS email accounts.
NHS Digital stated: “We are investigating this issue and have taken the precaution of asking all mailboxes that have a similar configuration to the compromised accounts to change their passwords with immediate effect.
“We have worked with the organisations involved to isolate affected accounts, supported them to make any necessary changes and have advised affected individuals.”
The agency said that it will continue to monitor all the 1.41 million NHSmail mailboxes for suspicious activity and changing security threats. It claimed to proactively take measures for ensuring the safety of patient data to the high standards expected by the NHSmail users.
NHS Digital said that there has been a 94% decline in phishing emails sent to NHSmail accounts in the past year because of a range of steps it had taken up and in summer 2019 when it also implemented a new password approach that adheres to the NCSC guidelines.
NHSmail, which is the centrally-funded email service of the NHS, enables staff in domiciliary care and care homes to safely share the data and queries of residents with doctors, nurses, and GPs involved in their direct care, and get responses in a timely manner.
In March, NHS Digital selected the Egress Protect solution to be integrated into the NHSmail mailboxes for improved protection and better user experience.