Less than a week prior to Christmas, St Vincent’s Health, a prominent Australian non-profit organization specializing in health and aged care, discovered a security breach in its information technology system. On December 19th, the organization reacted swiftly to the breach, implementing containment measures and notifying the appropriate authorities. By December 21, it was revealed that the hackers had extracted some data from their network.
Despite this security lapse, St Vincent’s Health confirmed on December 22nd that the breach did not compromise their capacity to provide services in their hospitals, aged care facilities, and virtual and home health networks. The organization operates a substantial network of six public hospitals, 10 private hospitals, and 20 aged care facilities across New South Wales, Victoria, and Queensland.
As of the current date, St Vincent’s Health is still in the process of identifying the exact nature of the data compromised. No further updates have been provided since the initial announcement. Darren Goldie, the National Cyber Security Coordinator, stated in a recent post that his office is actively collaborating with St Vincent’s Health. The Australian Cyber Security Centre is also involved in addressing this incident.
This cyberattack is part of an increasing trend of similar incidents targeting Australian hospitals and healthcare facilities, particularly since the onset of the global pandemic. Another notable instance occurred in October when Personify Care, a digital patient pathway provider for SA Health, experienced a data breach. This breach resulted in the accidental deletion of a folder containing the health information of 121 patients, and the cause remains unidentified.
Despite the recent surge in cyber incidents within the healthcare sector, more than one-third of major Australian hospitals have yet to implement fundamental cybersecurity measures. This includes safeguards against email fraud and domain spoofing, which are prevalent hacking techniques. This concerning observation was highlighted in a recent study conducted by Proofpoint.