iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
The aged and healthcare not-for-profit is investigating a cyber attack that impacted its systems this week.
Healthcare provider St Vincent’s Health has admitted to media that it fell victim to a cyber attack on 19 December, with the hackers having stolen some amount of data.
St Vincent’s Health told The Sydney Morning Herald about the incident, though as yet, there is no notice of the hack on the healthcare provider’s website.
“On Tuesday, 19 December 2023, St Vincent’s Health Australia began responding to a cyber security incident,” a St Vincent’s spokesman told the SMH.
“St Vincent’s immediately took steps to contain the incident, engaged external security experts, and notified all relevant state and federal governments and the necessary agencies.
“Late on Thursday, 21 December, St Vincent’s found evidence that cyber criminals had removed some data from our network.
“St Vincent’s is working to determine what data has been removed.”
According to the SMH, St Vincent’s has been in touch with federal and state authorities daily since the incident was discovered, and the provider is working closely with the Australian Cyber Security Centre.
“To date, this incident has not affected the ability of St Vincent’s to deliver the services our patients, residents, and the broader community rely on across our hospital, aged care, and virtual and home health networks,” St Vincent’s said.
As of writing, none of the usual threat actors have taken responsibility, and the stolen data does not seem to have been posted online – as yet.
St Vincent’s Health operates public and private hospitals and aged-care homes in NSW, Victoria, and Queensland and has 22,000 employees.
The acting national cyber security coordinator, Hamish Hansford, has released a statement on the incident, saying that he and the National Office of Cyber Security are working with St Vincent’s.
“My team is working with Services Australia, the Department of Health and Aged Care, and relevant state and territory agencies to ensure a coordinated government response to this incident and to mitigate any flow-on effects,” the coordinator said in a statement on LinkedIn.
“The Australian Signals Directorate’s Australian Cyber Security Centre is also working closely with St Vincent’s.”
The coordinator added that St Vincent’s took immediate steps to “contain the incident” and is working on keeping services running.
“We’re advised that this incident has not affected the ability of St Vincent’s to deliver their important services to patients, residents, and the broader community across their hospital, aged care, and virtual and home health networks,” the coordinator said.
“I know these incidents are distressing for those affected. We are focused on assisting St Vincent’s to consider and address impacts arising from this incident.”
Cyber Daily has reached out to St Vincent’s for further information and was provided with the same statement given to the SMH.
We will update with further developments as they come to light.
Updated 22/12/23 to add further commentary from the National Cyber Security Coordinator.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
