15,000 medical records of patients from a cardiology unit at Cabrini Hospital in Malvern, Australia, were compromised and encrypted in a ransomware attack at the end of January, reports Australian newspaper The Age. The attackers demanded ransom in cryptocurrency for a decryption key that would let staff read the documents again.
Even though the culprits haven’t officially been identified, the daily said the malware may have come from North Korea or Russia. It is believed ransom was eventually paid, but not all files were retrieved, “among them patients’ personal details and sensitive medical records that could be used for identity theft.” This statement was not confirmed by a hospital spokeswoman.
A number of patients were informed, without extensive details, that their data was lost, while others showed up for appointments that were no longer visible in the hospital’s network.
Government agencies are working with the hospital to shed light on the criminal gang and how they compromised the servers and data. The Australian Cyber Security Centre is also helping the institution handle the incident.
The security incident has been addressed and data privacy was not compromised, according to Melbourne Heart Group, which announced the breach on February 25.
“Melbourne Heart Group wishes to advise all our patients that the cybersecurity incident we experienced in late January has been resolved,” reads their website. “The data has been decrypted and our systems have been restored. Once again we would like to emphasize that patients’ privacy has not been compromised or breached. No information left our computer system – it was encrypted so that no one could see it, even ourselves. We would like to thank all our patients for their understanding over this period.”