cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

Indigenous health organisation hacked, 8,000 affected

A Queensland-based Indigenous health organisation has announced that it suffered at the hand of a cyber attack last year that saw the personal information of over 8,000 clients and staff compromised.

user icon Daniel Croft
Thu, 23 Mar 2023
Indigenous health organisation hacked, 8,000 affected
expand image

Responsible for serving 11 communities in remote parts of Far North Queensland, the Apunipima Cape York Council was hit by the attack in October last year.

In a release issued yesterday, on 22 March 2023, Apunipima said that an “unknown third-party gained unauthorised access to some of [its] computer systems and may have viewed some personal information of [its] clients and staff”.

Based on the organisation’s investigation into the matter, the information accessed included “mostly Medicare numbers and other transactional health information, such as a [sic] healthcare identifiers”.


“For a small number of individuals, other information types may have been involved as well,” including personal contact information such as names, numbers and addresses, driver’s licenses and numbers, passports and bank cards.

Apunipima has said that the investigation into the attack, which was conducted by Australian Cyber Security Centre (ACSC) alongside other government bodies, has only just finished.

It has also said that despite the long time to finish the investigation, it had informed relevant authorities, including the ACSC, the Office of the Australian Information Commissioner (OAIC) and more.

The organisation has also adopted IDCARE services and has released several public announcements about the incident occurring.

Apunipima has revealed that the investigation found no evidence that the personal information accessed by threat actors has been misused in any way. It has also reiterated that the “risks associated with that information [are] low”, as it has taken a number of steps towards protecting it, such as cooperating with the Australian Tax Office (ATO) and Services Australia.

Those affected in the attack will be contacted individually, with specifics on what information of theirs was accessed and the best steps to take to protect that data in response.

“We sincerely apologise that this incident happened and for any concern it may cause our valued patients, clients and staff across the Cape York region,” Apunipima said.

For the full list of steps to take to protect compromised data, visit the Apunipima Cape York Council website here.

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.