No data stolen in Victoria hospital attack


By Dylan Bushell-Embling
Tuesday, 15 October, 2019

No data stolen in Victoria hospital attack

A forensic investigation of the recent cyber attack on some Victorian regional hospitals and health services has uncovered no evidence that any patient data has been stolen.

The ransomware attack on hospitals and health services in Gippsland and Southwest Victoria on 30 September began with a phishing email sent to a hospital employee, the investigation found.

The email was used to implant a virus onto the hospital’s computer network allowing the attackers to gain unauthorised access.

Once inside, the attackers spread their virus across the network, leading to the ransomware infection of some servers controlling important clinical, medical and corporate systems.

Staff were able to contain the spread of the malware to just a portion of the hospital’s network.

While the attack bears all the hallmarks of a financially motivated ransomware attack, the state government has to date received no specific ransom demand, according to the Department of Premier and Cabinet.

Regardless, the state has no intention of paying any ransom to the cybercriminals, the department said in a statement.

“This incident provides a useful reminder about the importance of cyber security. Despite the many protections put in place by the hospitals to protect their computer networks, cyber criminals worked hard to get inside,” the statement reads.

“Cyber security is a business risk that all organisations must act on.”

Image credit: ©iStockphoto.com/Factoria Singular

Related News

23% of connected healthcare devices vulnerable to attack

New research from Claroty indicates that a high proportion of medical devices connected to...

Dynatrace completes IRAP assessment

Observability and application security company Dynatrace has been certified to manage Australian...

GCSB updates NZ Information Security Manual

New Zealand's Government Communications Security Bureau has published some minor updates to...


  • All content Copyright © 2024 Westwick-Farrow Pty Ltd