You have 0 free articles left this month.
Register for a free account to access unlimited free content.
Powered by MOMENTUM MEDIA
lawyers weekly logo

Powered by MOMENTUMMEDIA

Breaking news and updates daily. Subscribe to our Newsletter
Advertisement

Exclusive: Spectrum Medical Imaging continuing to contact patients months after attack

A Sydney-based healthcare provider is continuing to investigate the impact of the January ransomware incident.

Exclusive: Spectrum Medical Imaging continuing to contact patients months after attack
expand image

Three months after it fell victim to an INC Ransom ransomware attack, Sydney-based Spectrum Medical Imaging is continuing to notify its patients and customers that their data has been compromised.

Patients continued to receive notifications from Spectrum as recently as the middle of April, and the healthcare provider confirmed with Cyber Daily that it is continuing to investigate the incident in order to discover the scope of the data exposed.

“We have been analysing the impacted data, and notifying impacted patients as they are identified,” a Spectrum spokesperson said.

“The analysis remains ongoing, and we continue to notify impacted individuals in accordance with our legal obligations.”

Spectrum also said that it has “not identified any payment information among the impacted data” at this time.

The notification that patients are receiving is identical to what Spectrum was telling its clients in February:

“Spectrum Medical Imaging recently experienced a cyber security incident. A third party gained access to some of our IT systems and certain patient records. Unfortunately, some of your data has been accessed and copied. This could include name, DOB, contact details, and some health information. We do not believe any payment information was impacted, and the attackers have been locked out of our system.”

Spectrum was listed on INC Ransom’s darknet leak site in January, with the gang saying at the time it had stolen 149.7 gigabytes of data, totalling almost 300,000 individual files. At the time, Spectrum said it was unaware of any cyber incident, but after INC Ransom published the full data set, which included full backups of the healthcare provider’s Liverpool practice alongside numerous patient scans and oncology data, Spectrum began contacting patients in mid-February.

Patients have expressed some dismay that it has taken this much time for Spectrum to warn them that their data had been compromised, with one client wondering: “How did it take a whole month to tell us our sensitive info was compromised?”

Spectrum has practices in Alexandria, Bankstown, Bondi Junction, Casula, Liverpool, Maroubra, Miranda, and Randwick and offers a range of services, including CT scans, X-rays, dental imaging, ultrasounds, and women’s procedures.

David Hollingworth

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.

You need to be a member to post comments. Become a member for free today!

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.