Australian healthcare provider Regis Healthcare has lost sensitive data to an international attacker. The attacker has also begun leaking some of this information, which has prompter Australian cyber security authorities.
The company said today that it had “been targeted in a cyber attack by an overseas third party” that had “copied some data from [its] IT system and released certain personal data publicly.”
“The company has also reported the incident to the Office of the Australian Information Commissioner (OAIC), the Australian Cyber Security Centre (ACSC) and other regulatory bodies.”
Regis Healthcare said it had been able to move to “backup and business continuity systems” to recover from the incident.
“Our priority is maintaining safe and reliable operations while ensuring the security of personal information of our residents, clients, and employees,” Regis Healthcare’s CEO Dr Linda Mellors said.
“To this end, we are working with expert IT and security advisors to continue to investigate and deal with this incident”.
The Australian Cyber Security Centre (ACSC) is aware of recent ransomware campaigns targeting the aged care and healthcare sectors. Cyber criminals view the aged care and healthcare sectors as lucrative targets for ransomware attacks. This is because of the sensitive personal and medical information they hold, and how critical this information is to maintaining operations and patient care. A significant ransomware attack against a hospital or aged care facility would have a major impact.
ACSC Recommendations
If Australian organisations are infected by the Maze ransomware, they should seek assistance in the first instance from the ACSC via 1300 CYBER1. We encourage reporting cyber security incidents to enable the ACSC to alert and assist a broader range of organisations and understand the scope and nature of cyber intrusions.
Read the ACSC advice on mitigating the threat of ransomware. Keeping software up to date and having current backups stored offline is the best way to protect your organisation from a ransomware attack.
