cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

Diabetes WA is the latest hacked Australian healthcare organisation

The healthcare industry continues to face an onslaught of cyber attacks, with Australia’s Diabetes WA being the latest organisation to face unauthorised access by a third party.

user icon Daniel Croft
Tue, 09 Apr 2024
Diabetes WA is the latest hacked Australian healthcare organisation
expand image

Diabetes WA disclosed the attack last week, saying that an unauthorised party gained access to the personal data of “some of our contacts”.

Data reportedly includes names, dates of birth, addresses, email addresses, phone numbers, Medicare numbers, type of diabetes, marital status, Indigenous status, and referring doctor.

Despite this, Diabetes WA said it can confirm that “no detailed medical records or detailed clinical information were accessed”.


“This breach was quickly detected and fully contained. It is under investigation through Diabetes WA’s Cyber Security Response Plan,” added Diabetes WA.

As required, the company has notified the Office of the Australian Information Commissioner and has sent notifications of the breach to “all affected individuals”.

Additionally, Diabetes WA said it plans to bolster its security measures to prevent further attacks.

Speaking with ITNews, a spokesperson for Diabetes WA said the attack happened after one user account was compromised by the threat actor. The company said the account has been “promptly closed, thereby blocking the attacker and stopping any further access to our system”.

Additionally, when asked about who the affected “contacts” were, Diabetes WA said that some of them may have been members.

“It is likely that a subsection of those contacts will have been members, but our focus has been on ensuring that every affected contact – whether a member or not – has been notified of the breach in the timeliest manner possible,” it said.

The attack on Diabetes WA is just the latest in the healthcare industry, a trend becoming increasingly common.

According to the chief executive and co-founder of Keep Security, Darren Guccione, the data retention requirements of healthcare organisations could mean that the large amounts of resulting data make these organisations a lucrative target to threat actors.

“Many industries, including healthcare, may have data retention requirements for legal, compliance or regulatory reasons,” he said.

“Because of these requirements, it is not uncommon for some companies to retain a large amount of past customer data.”

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.