Recently, Monash Health, a Victorian public health service, announced that it has been affected by the hacking of ZircoDATA. ZircoDATA is a company based in Victoria that provides secure document storage, information governance, digital conversion, and destruction services to 9,000 clients across Australia, including Monash Health.
In February, ZircoDATA reported a breach in its system which led to the exposure of some historical documents belonging to Monash Health. The data involved archived information from the family violence and sexual assault support units at Monash Medical Centre, the Queen Victoria Hospital and Southern Health limited to the period from 1970 to 1993.
Monash Health’s chief executive Eugine Yafele stated that the National Office of Cyber Security has been notified of the breach and investigations are ongoing. Despite the breach, Monash Health assured the public that its systems have not been compromised or impacted by the cyber attack. Yafele expressed regret over the incident and stated that efforts are being made to investigate the breach in collaboration with ZircoDATA.
The ransomware gang Black Basta has claimed responsibility for the hacking of ZircoDATA and has reportedly accessed financial documents, personal information and confidentiality deals totaling 395 gigabytes of data. The gang set a ransom deadline for the data breach. Lieutenant General Michelle McGuinness National Cyber Security Coordinator mentioned that ZircoDATA and other government entities are still working to identify impacted data and individuals affected by the breach.
In a separate incident before new year St Vincent’s Health one of largest not-for-profit health care providers in Australia reported a data breach by unknown hackers they confirmed no sensitive data were compromised in this breach . This highlights how vulnerable our healthcare sector is to cybersecurity threats organizations must remain vigilant to protect patient data privacy