Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
Hackers have published stolen data, including sensitive medical records, vaccination details, and NDIS information.
The DragonForce ransomware operation has listed the Queensland-based Toowoomba Friendlies Society Dispensary as a victim on its darknet leak site.
The pharmacy was listed on 30 August, and the hackers claim to have stolen a relatively small amount of data – just 35.82 gigabytes – including financial documents, counterparties, and clients.
DragonForce has published the full dataset, and the data appears to be legitimate. The data that is now freely available on the darknet includes highly sensitive medical documents featuring the names, addresses, and – in some cases – photographs of patients, as well as the treatment/s they have been receiving, from methadone treatment to prescriptions of emergency contraceptives.
Vaccination lists, details of staff pay, and scans of employees’ Medicare cards and driver’s licenses have also been shared by the hackers.
Toowoomba Friendlies Society Dispensary is a community-owned organisation that offers a range of services, from mobility supplies, home modifications, vaccinations, and delivery services. In addition, it is a registered NDIS provider. The dispensary has clients all over the region, including in northern NSW.
Cyber Daily has reached out to Toowoomba Friendlies Society Dispensary for comment on the incident, but has yet to receive a reply.
DragonForce runs a ransomware-as-a-service operation where affiliates can hire the gang’s ransomware platform in return for a cut of any profits. The gang passes on up to 80 per cent of ransom payments and commonly advertises its services on Russian-language hacking forums.
The group is believed to have links to the LockBit ransomware operation and engages in double-extortion tactics. It has claimed 248 victims to date, with the most recent Australian victim being Western Australia-based hydraulics firm Pressure Dynamics, which fell victim to the group in June.
DragonForce is thought to have some links to the Scattered Spider hacking collective and was recently linked to a string of hacks targeting major UK retailers.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
