Exclusive: Qld doctor’s office allegedly hacked by brutal ransomware gang

Queensland-based medical clinic Laidley Family Doctors has allegedly suffered a cyber attack, after a prolific ransomware gang claimed to have breached its network.

Having operated for over 50 years, Laidley Family Doctors is located in the community of Laidley in Queensland, west of Brisbane.

The company was listed on the dark web leak site of the Anubis ransomware gang, which claimed the breach and shared data samples.

You’re out of free articles for this month

Username or Email

Password Forgot password?

Keep me signed in on this device.

First Name

Last Name

Mobile

Organisation Type

By becoming a member, I agree to receive information and promotional messages from Cyber Daily. I can opt out of these communications at any time. For more information, please visit our Privacy Statement.

Need help signing up? Visit the Help Centre.

Data includes names, gender, date of birth, address, phone numbers, mobile numbers, Medicare details, medical history, medication details, incident reports and more.

As Anubis often does, it wrote a long piece accusing the firm of wrongdoing, this time claiming that Laidley Family Doctors had poor data storage mechanisms.

“If you still trust private medical institutions, it means you’re not reading enough of our articles,” it said.

“Today, we’ll examine another glaring example of a medical establishment you should steer clear of – Laidley Family Doctors.”

Following Cyber Daily inquiries, Laidley Family Doctors said it had no comment on the incident.

Who is Anubis?

VIEW ALL

Anubis has a tendency to exaggerate its accusations against victims to increase pressure. After listing its first Australian victim, Pound Road Medical Centre, at the beginning of last year, the group claimed that the medical centre had engaged in medical malpractice in a number of instances, a claim that they never backed up.

Additionally, unlike many ransomware actors, Anubis uses its leak posts to outline in detail the data stolen from its victims, focusing on exposing what it believes is sensitive data to further coerce and shame its victims.

The group also offers media access to exclusive data and poses as journalists to apply additional pressure.

A “journalist” for Anubis ransomware using the alias Tobias Keller, who also claimed to run the ransomware gang, first reached out to Cyber Daily following coverage of the cyber incident impacting Aussie Fluid Power.

“Good day, Cyber Daily team! I am working with the Anubis-RaaS group as a journalist,” the hacking group told Cyber Daily via email.

“Please note the leak in Australia: Aussie Fluid Power. More victims from Australia, law firms, and many others will be published in the near future. If you are interested, we can provide you with the information first.”

When asked about their motivation, the individual claimed to be the leader of the Anubis group, before admitting that it was an attempt to pressure their victim.

“The company suffers the most damage when we send information about the leak to various regulatory authorities,” the Anubis spokesperson said.

Anubis is a relative newcomer to the ransomware ecosystem, with over 30 victims listed on its leak site since it went live in February 2025. According to security researchers, the gang appears to be Russian speakers and is a ransomware-as-a-service operation.

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

Tags: