Approximately 223,000 patients and staff were affected by a cyberattack on Medlab Pathology in February.
This is based on findings from a forensic investigation led by the ASX Australian Clinical Labs (ACL) private pathology provider, which acquired the pathology lab late last year. .
The hacked data included about 17,500 medical and health records related to pathology, more than 28,000 credit card numbers, and about 128,000 Medicare numbers. Those affected are believed to be mainly limited to NSW and Queensland.
However, ACL notes that there is “no evidence of misuse” of any information nor any claims regarding Medlab and ACL.
The network issue has also affected broader systems and databases owned by ACL while Medlab’s compromised IT server is down and no longer in use.
ACL will now begin contacting affected individuals directly “by means of tailored notice as soon as practicable.”
“ACL, on behalf of Medlab, will begin the process of contacting individuals at risk directly via email and postal mail today, to provide them with information about the incident, how it affects them how and additional steps can be taken to protect their information,” it said in a company disclosure on Thursday.
In addition, the company has also established a dedicated in-country response team to answer questions from notified individuals and provide them with guidance and troubleshooting advice regarding the incident. A care team has also been established to reduce suffering and assist those who may already have access to health records.
Furthermore, ACL is working with federal and state government agencies to provide free credit monitoring and/or ID document replacement for individual victims.
BIGGER BACKGROUND
Weeks after Medlab reported a hack on its IT server, Australia’s Cybersecurity Center received intelligence that the pathology service may have been hit by ransomware.
Three months later, the ACSC discovered that some information about Medlab had been posted on the dark web. The ACL said it immediately responded by finding and downloading the unstructured dataset from the dark web and “worked to remove it permanently.”
The company then worked to determine the nature of the compromised information and the individuals who might be at risk of serious harm as a result of the hack.
Due to the complex and unstructured nature of the data set under investigation, analysts and forensic experts have so far been unable to identify individuals and the nature of the information associated with the data, ACL explains. mandarin”.
TREND TO BIGGER WOMAN
Health insurer Medibank is the latest Australian company to fall victim to a string of cyber incidents this year. The company first reported a cyber breach two weeks ago. In an update this week, it said hackers had access to the data of all of their 3.9 million customers. It involves personal information such as names and some Medicare card numbers and health information, including customer claim codes.
Through New Zealand, Pinnacle Midlands Health Network also experienced a recent IT breach. It is reported that hackers have leaked patient data on the web, including data related to the use of hospital services, information requests and immunization and screening status of each individual. patient. Affected individuals relate to past and present patients and Pinnacle group customers in Waikato, Lakes, Taranaki and Tairāwhiti counties, including GP practices in the Healthcare program initial health.
ON PROFILE
“On behalf of Medlab, we sincerely apologize and deeply regret that this incident has occurred. We recognize the anxiety and inconvenience this incident may cause to those who have used it. services of Medlab and has taken steps to identify the individuals affected.We are in the process of providing notice to the individuals involved.We want to reassure all individuals involved. that ACL is committed to providing all reasonable assistance to them. We will continue to work with the relevant authorities,” ACL CEO Melinda McGrath said in a statement.
