Read Time:1 Minute, 46 Second

Australian Clinical Labs (ACL) has announced a data breach that occurred in February 2022 and affected its Medlab Pathology division, compromising 223,000 people’s medical records and other sensitive information.

“On behalf of Medlab, we sincerely and deeply regret this incident occurred. We recognize the concern and inconvenience this incident may cause those who have used Medlab’s services and have taken steps to identify individuals affected. We are in the process of providing tailored notifications to the individuals involved. We want to assure all individuals involved that ACL is committed to providing every practical support to them. We will continue to work with the relevant authorities,” ACL Chief Executive Officer Melinda McGrath said.

Quantum, a ransomware group, claimed responsibility for the cyber incident and posted all of the stolen data on its Tor website on June 14, 2022.

In addition to patient and staff information, financial reports, invoices, contracts, forms, subpoenas, and other confidential documents were among the 86GB of material that the threat actors published.

MedLab launched a forensic investigation after discovering unauthorized access to its network in February 2022, which they assert did not turn up anything concerning.

They claimed that it took them almost five months to detect that there was data stolen from its system.

“Given the highly complex and unstructured nature of the data set being investigated, it has taken the forensic analysts and experts until now to determine the individuals and the nature of their information involved,” ACL explained.

To compensate, the company will provide free credit monitoring and identity theft protection services to all affected people and pay for any necessary ID document replacements.

According to Jeremy Kirk, a Sydney-based reporter, the leaked material was unstructured, but not to the extent that it would require months to study.

Over the last two months, numerous data breaches and cyberattacks, including those on Optus, Medibank, MyDeal, and Vinomofo, have been reported in Australia.

Although it’s unlikely that hackers are deliberately targeting Australian businesses, the Australian government is putting up new data protection regulations to shed more light on security lapses and impose more severe fines for negligent companies.

Happy
Happy
0 %
Sad
Sad
0 %
Excited
Excited
0 %
Sleepy
Sleepy
0 %
Angry
Angry
0 %
Surprise
Surprise
0 %
Hacker hand using medical interface Previous post Australia Admits “Inadequate” Cyber Defenses After the Recent Medical Hack Hits Millions
Ransomware Attacks Next post 1 in 5 Businesses Had Six or More Ransomware Attacks This Year, a New Report Says