cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram

NSW Health confirms clinical trial data not involved in Advarra/ALPHV hack

NSW Health has shared a statement on third-party ransomware attack as threat actor removes data from its leak site.

user icon David Hollingworth
Wed, 15 Nov 2023
NSW Health confirms clinical trial data not involved in Advarra/ALPHV hack
expand image

NSW Health has said that no patient or research data was affected by a ransomware attack on US clinical research provider Advarra.

NSW Health was made aware of the incident on 2 November by Advarra after the ALPHV ransomware gang revealed it had exfiltrated 120 gigabytes of data from the company and threatened to publish it if a ransom was not received.

As part of the criminal gang’s negotiations – which were mired in a nasty back and forth between the gang and one of the company’s senior executives – limited documents were published on the group’s darknet leak site to prove that ALPHV had, in fact, gotten hold of the data.


One of the proof-of-hack documents appeared to be an internal Advarra log regarding trials run by the Far West Local Health District (FWLHD) in NSW – specifically listing the URL of a Clinical Conductor login portal for FWLHD clinical trials.

Clinical Conductor is a clinical trial management system developed by Advarra. It appears, however, that no health data was compromised in the attack.

“NSW Health uses Advarra products as part of its Clinical Trial Management System (CTMS). The CTMS is a software system which manages planning, performing, and reporting functions, maintains participant trial information, and tracks deadlines and milestones for streamlined trial management,” NSW Health told Cyber Daily via email.

“NSW Health requested further information from Advarra to determine the extent of the data breach,” a spokesperson said.

“Advarra has confirmed that no NSW Health data or systems have been impacted by this third-party incident. Rigorous cyber security measures are in place to protect NSW Health’s core network, applications and data.”

It now appears that Advarra may have paid the ransom, as the entry for the attack has now been removed from ALPHV’s darknet site.

Cyber Daily has reached out to Advarra for comment.

Comments powered by CComment

cd intro podcast

Introducing Cyber Daily, the new name for Cyber Security Connect

Click here to learn all about it
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.