Recently, Monash Health, a Victorian public health service, announced that it has been impacted by a hacking incident involving ZircoDATA, a company that provides document storage and information management services to clients across Australia. In February, ZircoDATA reported a breach in its system, which also affected some of Monash Health’s archived historical documents.
On May 3, Monash Health revealed that some of its historical data related to domestic violence victims was exposed in the hack. The information compromised included archived data from family violence and sexual assault support units at Monash Medical Centre, Queen Victoria Hospital, and Southern Health, covering the period from 1970 to 1993. Monash Health’s Chief Executive, Eugine Yafele, stated that the National Office of Cyber Security has been notified of the breach.
Despite the breach, Monash Health confirmed that its internal systems have not been compromised by the cyber attack. Yafele expressed regret over the breach and reassured that they are collaborating with ZircoDATA to investigate the incident.
This hacking incident is part of a larger trend in cyber threats affecting healthcare organizations. The ransomware gang Black Basta claimed responsibility for hacking ZircoDATA and stealing a significant amount of data, including financial documents, personal information, and confidentiality agreements. Although a ransom deadline was set initially, the situation is still ongoing.
Lt. Gen. Michelle McGuinness, the National Cyber Security Coordinator, noted that several government entities and organizations have been impacted by this breach. St. Vincent’s Health, another major healthcare provider in Australia, also reported a data breach before the new year, although no sensitive data were accessed by the hackers.
The response to these cyber threats involves collaboration between affected entities, government agencies, and cybersecurity experts to identify the extent of the breach, notify affected individuals, and strengthen cybersecurity measures to prevent similar incidents in the future.