quantum attacks Medlab Pathology

Incident Date:

June 14, 2022

World map



quantum attacks Medlab Pathology


Medlab Pathology




Auburn, Australia

New South Wales, Australia

First Reported

June 14, 2022

Medlab Pathology Suffers Ransomware Attack, Exposing Data of Over 200,000 Patients and Staff

Medlab Pathology, an Australian healthcare services provider, has been targeted by the ransomware group Quantum, resulting in the exposure of sensitive information for over 200,000 patients and staff. The attack occurred in February 2022, and the stolen data includes medical and health records, credit card numbers, and Medicare numbers.

Medlab Pathology is part of Australian Clinical Labs (ACL), which operates 89 laboratories and performs six million tests annually, serving 92 private and public hospitals across Australia. Despite generating revenue of almost $1bn during the 2022 financial year and employing about 5400 staff, ACL's cybersecurity capabilities were found to be minimal.

The attack was initially detected in February 2022, but it took ACL until October 2022 to publicly disclose the breach. The delay in disclosure was attributed to the highly complex and unstructured nature of the data set, which required forensic analysts and experts to determine the individuals and the nature of their information.

The OAIC alleges that ACL had serious deficiencies in its cybersecurity framework, including a lack of a dedicated cybersecurity team and insufficient training for staff responding to the attack. The company also failed to encrypt customer payment information properly and did not take acceptable measures to improve the security of systems it had bought.

The ransomware gang Quantum uploaded all stolen files on its Tor site on June 14, 2022, and the data leak page for Medlab has been accessed 130,000 times. ACL has offered free-of-charge credit monitoring and identity theft protection services to all affected individuals, as well as covering the costs of ID document replacements where needed.

The incident is part of a series of cyberattacks that have affected Australian companies in recent months, including Medibank and Optus. The Australian government is proposing new data protection laws to provide greater insight into data breaches and to impose more significant fines on companies not adequately protecting data.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.