Hospital Cardiology Unit Patient Records Encrypted by Ransomware
Who: Cabrini Hospital Cardiology Unit
# of Records: 15,000
When it happened: February 20, 2019
What happened: A cybercrime syndicate has hacked and scrambled the medical files of about 15,000 patients from a specialist cardiology unit at Cabrini Hospital and demanded a ransom.
How it happened: The malware used to penetrate the unit’s security network is believed to be from North Korea or Russia, while the origin of the criminals behind the attack has not been revealed. The online gang responsible for the data breach demanded a ransom be paid in cryptocurrency before a password would be provided to break the encryption.
Outcome: They made a payment, but some of the scrambled files have not been recovered, among them patients’ personal details and sensitive medical records that could be used for identity theft. The attack is now the subject of a joint investigation by Commonwealth security agencies. Melbourne Heart Group, which is based at the private hospital in Malvern, has been unable to access some patient files for more than three weeks after the malware attack crippled its server and corrupted data and is working with government agencies to resolve the issue. They have released a statement that there was no link between the encrypted data and any function relating to cardiac implantable electrical devices, such as pacemakers and defibrillators. This is was a sophisticated attack because getting malware onto the hospital system is complicated, but once you have done that then it is relatively easy. It all comes down to updating systems and applying security patches regularly.