Medlab Pathology Suffers Ransomware Attack, Exposing Data of Over 200,000 Patients and Staff

Medlab Pathology, an Australian healthcare services provider, has been targeted by the ransomware group Quantum, resulting in the exposure of sensitive information for over 200,000 patients and staff. The attack occurred in February 2022, and the stolen data includes medical and health records, credit card numbers, and Medicare numbers.

Medlab Pathology is part of Australian Clinical Labs (ACL), which operates 89 laboratories and performs six million tests annually, serving 92 private and public hospitals across Australia. Despite generating revenue of almost $1bn during the 2022 financial year and employing about 5400 staff, ACL's cybersecurity capabilities were found to be minimal.

The attack was initially detected in February 2022, but it took ACL until October 2022 to publicly disclose the breach. The delay in disclosure was attributed to the highly complex and unstructured nature of the data set, which required forensic analysts and experts to determine the individuals and the nature of their information.

The OAIC alleges that ACL had serious deficiencies in its cybersecurity framework, including a lack of a dedicated cybersecurity team and insufficient training for staff responding to the attack. The company also failed to encrypt customer payment information properly and did not take acceptable measures to improve the security of systems it had bought.

The ransomware gang Quantum uploaded all stolen files on its Tor site on June 14, 2022, and the data leak page for Medlab has been accessed 130,000 times. ACL has offered free-of-charge credit monitoring and identity theft protection services to all affected individuals, as well as covering the costs of ID document replacements where needed.

The incident is part of a series of cyberattacks that have affected Australian companies in recent months, including Medibank and Optus. The Australian government is proposing new data protection laws to provide greater insight into data breaches and to impose more significant fines on companies not adequately protecting data.

Sources

• Healthcare IT News: Data of over 200,000 patients, staff affected by Medlab hack
• The Guardian: Medical test company's 'serious and systemic failures' led to cyber-attack
• The Australian Financial Review: Sexual health and fertility details leaked in ACL data breach
• Bleeping Computer: Australian Clinical Labs says patient data stolen in ransomware attack