IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Australian patient data breached for months in country's latest major cyber incident

The pathology company claims to have carried out an investigation when it was hit with a cyber attack but didn’t find any evidence that information had been compromised

An Australian pathology company, Medlab Pathology, suffered a data breach that led to its patients' data being leaked on the dark web for four months before the government's cyber security agency intervened.

Australian Clinical Labs (ACL), which acquired Medlab Pathology in December 2021, determined that the personal information belonging to around 223,000 individuals has been affected, with the individuals impacted largely confined to New South Wales (NSW) and Queensland.

The records breached of most concern are around 17,539 individual medical and health records associated with a pathology test and around 28,286 credit card numbers and individuals’ names.

Of these records, 15,724 have expired and 3,375 have a CVV code, and 128,608 Medicare numbers, a government national insurance programme, and an individual’s name. ACL publicly confirmed that Medlab experienced a cyber incident affecting patients and staff on 27 October.

Medlab became aware of unauthorised third-party access to its IT system in February 2022. ACL said it immediately coordinated a forensic investigation led by independent external cyber experts into the Medlab incident. At the time, the external forensic specialists did not find any evidence that information had been compromised.

In March, the company was contacted by the Australian Cyber Security Centre (ACSC) which said that it had received intelligence that Medlab may have been the victim of a ransomware incident.

The company responded to the request for information and confirmed that to its knowledge the company did not believe that any data had been compromised. 

Related Resource

Five common data security pitfalls

Learn how to improve your security posture

Dark shaded blue whitepaper cover with titleFree Download

In June, ACL was again approached by the ACSC, suggesting that Medlab information may have been posted on the dark web. ACL took immediate steps to find and download the unstructured data set from the dark web and made efforts to permanently remove it. 

“On behalf of Medlab, we apologise sincerely and deeply regret that this incident occurred,” said Melinda McGrath, CEO at ACL. “We recognise the concern and inconvenience this incident may cause those who have used Medlab’s services and have taken steps to identify individuals affected.”

The company also informed the Office of the Australian Information Commissioner (OAIC) that has been kept up to date on the progress of the forensic investigations into the incident.

ACL said that there is no evidence of misuse of any of the information or any demand made of Medlab or ACL, and that the compromised Medlab server has been decommissioned. ACL’s broader systems and databases are not affected by the attack either, it said.

Following advice from privacy and legal specialists in cyber matters, ACL said it implemented a programme to determine the nature of the information involved and any individuals that could be at risk of serious harm as a result of the incident.

It added that because of the complex and unstructured nature of the data set being investigated, it has taken forensic analysts and experts until now to determine the individuals and the nature of their information involved. 

ACL will now commence the process of directly contacting at-risk individuals by email and postal mail, to provide them with information about the incident, how it affects them and additional steps that can be taken to protect their information, the company said.

The company will be offering free-of-charge credit monitoring and/or ID document replacements to individuals whose affected information types may put them at risk of credit and/or identity fraud, and is working alongside Federal and State government authorities in this regard. 

The news comes after Australia has been rocked by a series of cyber attacks in recent months. Private health insurance provider Medibank revealed on 26 October that a cyber attack that hit it earlier in the month could set the company back by $35 million AUD (£19.5 million).

At the same time, the company disclosed that the attackers had access to all 3.9 million customers’ data, which is equivalent to around 15% of the population of Australia.

In October, Telstra, the country's largest telco, was hit by a data breach and advised customers to improve the security on their accounts. The incident involved the access of around 30,000 past and present employee details, with a third-party platform being affected in the attack.

Optus, another major telco, was also hit by a cyber attack in September which saw 10 million of its accounts affected. It warned 10,200 customers that their Medicare records were included in a cache the hackers was trying to hold to ransom online, with the government underlining that the breach had caused systemic problems for million of Australians.

Featured Resources

2022 State of the multi-cloud report

What are the biggest multi-cloud motivations for decision-makers, and what are the leading challenges

Free Download

The Total Economic Impact™ of IBM robotic process automation

Cost savings and business benefits enabled by robotic process automation

Free Download

Multi-cloud data integration for data leaders

A holistic data-fabric approach to multi-cloud integration

Free Download

MLOps and trustworthy AI for data leaders

A data fabric approach to MLOps and trustworthy AI

Free Download


Why Japan finds it so hard to digitally transform
digital transformation

Why Japan finds it so hard to digitally transform

1 Dec 2022
MSG giant Ajinomoto's chipmaking foray helps break financial records
Business strategy

MSG giant Ajinomoto's chipmaking foray helps break financial records

30 Nov 2022
India to trial digital rupee from December 2022
digital currency

India to trial digital rupee from December 2022

30 Nov 2022
Japan considers creating new cyber defence agency as attacks ramp up in region
cyber attacks

Japan considers creating new cyber defence agency as attacks ramp up in region

24 Nov 2022

Most Popular

Empowering employees to truly work anywhere

Empowering employees to truly work anywhere

22 Nov 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

15 Nov 2022
The top 12 password-cracking techniques used by hackers

The top 12 password-cracking techniques used by hackers

14 Nov 2022