The
Age, 20
February 2019:
A cyber crime syndicate
has hacked and scrambled the medical files of about 15,000 patients from a
specialist cardiology unit at Cabrini Hospital and demanded a ransom.
The attack is now the
subject of a joint investigation by Commonwealth security agencies.
Melbourne Heart Group,
which is based at the private hospital in Malvern, has been unable to access
some patient files for more than three weeks, after the malware attack crippled
its server and corrupted data.
The malware used to
penetrate the unit's security network is believed to be from North Korea or
Russia, while the origin of the criminals behind the attack has not been
revealed.
The online gang
responsible for the data breach demanded a ransom be paid in cryptocurrency
before a password would be provided to break the encryption.
The Age understands
that a payment was made, but some of the scrambled files have not been
recovered, among them patients' personal details and sensitive medical records
that could be used for identity theft.
Some patients were told
that their files had been lost but were not given any explanation. Others have
turned up for appointments for which the hospital had no record.
The Australian Cyber
Security Centre, which is part of the Australian Signals Directorate – the
government agency responsible for Australia's cyber warfare and information
security – said it was assisting the hospital with cyber security advice.
The Australian Federal
Police has also been briefed.
A Melbourne Heart Group
spokeswoman said it was working with government agencies to resolve the issue.
No comments:
Post a Comment