Australian healthcare provider St. Vincent had data stolen in cyberattack

Australia’s largest not-for-profit healthcare provider was hit by a cyberattack this week, leading to the theft of data from its networks.

In a statement released Friday, St Vincent’s Health Australia said it was working with Australian government and state officials to resolve the cyber incident, which began on Tuesday.

The hospital network, founded more than 180 years ago, did not respond to requests for comment on whether it was a ransomware attack, but said it “took immediate action to contain the incident, engaged external security experts and informed all relevant states and authorities. federal governments and necessary agencies.

“Late Thursday, December 21, St. Vincent found evidence that cybercriminals had deleted some data from our network. St Vincent is working to determine what data has been deleted. Investigation into the matter is ongoing,” they said. said.

“Key activities include securing and containing the incident, understanding what the cybercriminals did, and identifying what data may have been accessed and stolen. To date, this incident has not affected St Vincent’s ability to deliver the services our patients, residents and wider community rely on across our hospital, aged care and virtual health networks and to residence.

The Australian National Cyber ​​Security Office confirmed that he is working with the hospital to respond to the incident.

St. Vincent said no new hacker activity had been detected in St. Vincent’s networks since Wednesday morning, but noted that “containment activities are still ongoing.”

No group took credit for the incident, the hospital said, adding that it was still determining what type of information was stolen.

St. Vincent operates six public hospitals, 10 private hospitals and 20 aged care facilities. It has more than 20,000 employees across hospitals in New South Wales, Victoria and Queensland.

Devastating attacks on leading Australian institutions like Medibank, Latitude Financial, DP World Australia And Optus have shaken Australian public opinion over the past 16 months, sparking sweeping changes in the government’s stance on cybersecurity.

The government — which took care of its Tasmania’s own data breach — published a revised version national cybersecurity strategy in November, nearly $400 million will be spent over the next seven years to address cybersecurity issues.

Hackers, particularly those involved in ransomware gangs, have repeatedly increased attacks on healthcare organizations during the holiday season in hopes of extracting larger ransoms as many IT teams run out of resources. staff.

During the 2022 Christmas period, the LockBit ransomware gang was forced to apologize after attacking the Hospital for Sick Children in Toronto, Canada’s largest pediatric health center.

Just last week, ransomware gangs attempted to extort cancer patients after attacking a major cancer center in Seattle and forced a Kansas City hospital to send patients to other facilities after bringing down their entire computer system.

Jonathan Greig is a breaking news reporter at Recorded Future News. Jonathan has worked as a journalist around the world since 2014. Before returning to New York, he worked for media outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.