NHS data security compromised – Harrow Tory candidates silent!

computer-lockTheresa May can’t get away saying that the NHS ‘incident’ (diminishing language) is part of a wider cyber-attack.
Cyber security, like other national security aspects, is government responsibility and it is obvious that the NHS IT system and data have not been effectively protected, because of the outdated hardware and software as well as inadequate security arrangements.
Disrupted NHS systems and computer lockout have serious implications for Northwick Park and other NHS outlets in Harrow, including the cancellations of appointments and hospital treatments.
While Harrow Tory MP candidates are busy in working out votes from certain communities, they have been silent about the NHS security crisis that is causing hardships for the NHS users in Harrow.
The attack was focused on a vulnerability found on Windows operating systems, targeted by majority viruses. The exploit used to cause the infection is known as EternalBlue and appears to have infiltrated the NHS Network via NHS computers running Windows XP which was released in 2001, and no longer supported by Microsoft as of April 8th 2014.
The existence of the EternalBlue exploit was made public in April 2017. Microsoft had been aware of EternalBlue’s existence as a patch had been released for it in March 2017. The ransomware (known as WannaCry) used the EternalBlue exploit to infiltrate the NHS Network.
This leads to the following questions:
Does Theresa May’s government take the threat of cyber-attacks and exposed systems with exploits seriously?
Why the government had not done more to help NHS to update their computers?
As Microsoft had released a patch in March 2017, why the government mismanaged the handling of the NHS so badly that the computers had still not been patched as of May 2017?
Who is paying for the cost of the digital “clean-up”, the NHS or the government; either way the taxpayer is paying to clean up yet another mess by the government.
Home Secretary Amber Rudd has stated that there is no evidence that patient data was affected. If this turns out to be incorrect, what rights will the general public have as remedy, and will they be told about the extent to which their personal data has been compromised?
In terms of the bigger picture, Theresa May has been trying to widen the scope of the powers available under the Investigatory Powers Act 2016. If she cannot even control the actions of the NHS and protect computers from an exploit that had an available patch two months ago, then how can she guarantee protection of the data that her government is aggressively fighting to access, and that those accessing the data will act responsibly when the NHS has failed to do so?
If the exploit EternalBlue was first identified by the American National Security Agency, and Theresa May has such a special relationship with Trump, how is it that she was not informed of the exploit sooner? On the other hand, if she was informed, then how is it that in two months since the discovery of EternalBlue, Theresa May did nothing to secure vulnerabilities on NHS computers?