Melbourne heart clinic hit by ransomware attack
- 21 February, 2019 12:35
A Melbourne heart clinic has been hit by a ransomware attack that has reportedly affected the medical files of 15,000 patients.
The Melbourne Heart Group-owned clinic, which leased the unit from Cabrini Hospital, was allegedly hacked by a crime syndicate either from North Korea or Russia, according to The Age.
According to the report, the syndicate attacked the clinic’s server with malware and demanded a crypto-currency payment in order to supply a password to break the encryption.
The attack is said to have left the hospital without access to some patient files for three weeks.
Although payment was made, a number of patients’ files have not been recovered, the report said.
Cabrini Hospital has said that none of its own patient data was affected by the attack, stressing that the data storage and information systems in the suites are owned and managed by the clinics themselves.
“Cabrini is providing support to Melbourne Heart Group in relation to this incident,” a hospital spokesman Dr Michael Walsh said.
The Australian Cyber Security Centre confirmed it is assisting the clinic and supplying cyber security advice. According to The Age, the Australian Federal Police have also been briefed.
“Patient data is very valuable to hackers, with stolen information often used to commit further crimes like identity theft,” Webroot senior information security analyst Dan Slattery said.
“The evolution of ransomware means that patient data has become even more valuable without needing to take it out the network. Holding healthcare data to ransom, especially by encrypting possibly life critical information of heart patients, has become a very lucrative business model for cyber criminals.”
The private health sector regularly tops the Office of the Australian Information Commissioner's (OAIC) quarterly list of sectors with most data breach reports.
In the last quarter, the industry received 54 breaches, with human error being blamed for the majority of attacks. The two previous quarters before saw private health hit by security breaches 45 and 49 times respectively.
In late January Melbourne Heart Group experienced a cyber security incident in which our patient data was encrypted," a clinic spokesperson said. "This means that our patients' information became inaccessible to anyone, including ourselves. We have been assured that no patient's privacy has been compromised in any way. We are working through this issue with our IT provider and hope to resolve it as soon as possible.
"The health and wellbeing of our patients is always our primary concern. Their privacy is of the utmost importance to us. We are deeply sorry that this incident happened and encourage all our patients to contact our office so that we can keep them updated."