Share this article on:
Powered by MOMENTUMMEDIA
For breaking news and daily updates,
subscribe to our newsletter.
Threat actors have launched a cyber attack on an Australian women’s healthcare centre, claiming to have exfiltrated sensitive patient data.
O&G (Obstetrics and Gynaecology) is an Adelaide-based women’s healthcare centre specialising in fertility and reproductive system health for women “in all stages of life”.
The company was listed on the dark web leak site of the Kairos ransomware group, which claimed to have exfiltrated 77 gigabytes of data.
While the nature and scope of the incident was not outlined by the threat actor, Kairos posted a sample of the data exfiltrated from O&G, which contains patient names, addresses, dates of births, email addresses, phone numbers, occupations, alternative contact names, relationship statuses, doctor names, practice locations, Medicare numbers and details, private health insurance details, banking statements, intimate and specific medical histories, medicine details and more.
Kairos said it will publish the data in just over four days at the time of writing.
Responding to Cyber Daily’s request for comment, O&G said it has begun investigating the cyber incident.
“O&G recently became aware that an unauthorised third party accessed a part of its IT system,” said a company spokesperson.
“As soon as we discovered the incident, we engaged experts to provide advice. With the help of our experts, we have been urgently investigating the incident and assessing what data has been impacted. Based on information known, our practice management software containing medical notes has not been impacted by this incident.
“Cyber incidents are complex and take time to investigate accurately. While our investigation is ongoing, we have communicated with all patients about this event and have notified the Australian Cyber Security Centre.
“We apologise for any concern caused by the incident and are committed to supporting our patients.”
The O&G cyber incident closely follows a cyber attack on major Australian IVF and fertility clinic Genea IVF.
Genea Fertility revealed that on 14 February, it discovered suspicious activity on its network and that some of its systems have been disabled to contain the breach. The incident was soon claimed by the Termite ransomware group, which subsequently published the data.
“Genea can confirm that additional stolen data from our systems has been published on the dark web by the threat actor,” Genea said in a 4 March update to its incident advisory.
Cyber Daily can confirm Termite has published the dataset, but an injunction prevents us from saying anything more related to the content of the data breach. However, while Genea said it cannot confirm the exact data impacted, it is likely to contain “full names, emails, addresses, phone numbers, Medicare card numbers, private health insurance details, Defence DA number, medical record numbers, patient numbers, date of birth, medical history, diagnoses and treatments, medications and prescriptions, patient health questionnaire, pathology and diagnostic test results, notes from doctors and specialists, appointment details and schedules, emergency contacts and next of kin”.
Be the first to hear the latest developments in the cyber industry.