iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
The records of 121 SA Health patients have been impacted, along with contact details of over 12,000 more patients.
According to SA Health, the third-party provider behind the Digital Patient Pathways app detected unauthorised access within two hours and immediately began working with SA Health to mitigate the issue. The incident occurred on 16 October.
Only two South Australian health networks were affected – Central Adelaide Local Health Network and Southern Adelaide Local Health Network.
While a single folder was deleted – which contained the patient data and contact details – SA Health believes no data was exfiltrated by the as-yet unidentified threat actor.
The 121 patient records included “personal, medical and/or legal documents”, and the impacted patients have been notified. The deleted folder also contained the names and phone numbers of 12,624 patients who had been invited to use the app.
“The incident occurred outside the SA Health network within a specific part of the infrastructure used by Personify Care,” SA Health said in a statement.
“Personify Care has engaged an expert advisory firm to provide an independent assessment of the additional measures they are implementing to prevent such incidents from occurring in the future.
“All appropriate measures have been taken to independently verify that the incident has been resolved and there is no further risk to patient information contained on the Personify Care platform.”
The Office of the Australian Information Commissioner has been notified of the incident, and concerned patients have been directed that they can contact identity and cyber support organisation IDCare free of charge for support and advice.
South Australian State Treasurer Stephen Mullighan revealed earlier this month that SA Super had been impacted by a security incident at a third-party call centre.
“A third-party provider who was contracted by Super SA, and other government agencies, to provide call centre services has experienced a cyber security incident,” said SuperSA about the incident.
“This affects a small cohort of Super SA members, and none of the data held by the third-party provider contains information post-2020.”
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
