The Guardian reports:
Thousands of medical records and patient information stored with one of Australia’s biggest healthcare providers have been breached in a cyber-attack.
Partnered Health, owned by private equity firm Quadrant, said 21 clinics across several cities including Sydney, Melbourne and Canberra have been affected by the breach which occurred on 23 June.
“Our investigations to date have confirmed that personal information (including health information) was taken from some of the clinics in our network,” the healthcare provider said on Wednesday.
… The stolen personal information included names, dates of birth, addresses and contact details as well as Medicare, private health insurance and concession card details.
Medical information and treatment details, including consultation notes, referral letters, and pathology or diagnostic results recorded by a GP were also breached.
Read more at The Guardian.
It seems that once again, a victim entity has rushed to court to obtain an injunction prohibiting anyone from publishing the data or using it. Whether that injunction will include using it for reporting purposes remains to be seen, but we do not expect any threat actors to be influenced by a court injunction. Nor will journalists not under the jurisdiction of the NSW court be bound by it.
A list of affected practices can be found on Partnered Health’s incident page.
None of the data has appeared on any forum or leak site as of this writing, and no group has claimed responsibility for the attack yet.
