Cyber Health Incident (Oct 1, 2019)
The systems of hospitals and health services in Gippsland and south-west Victoria have been affected by a cybersecurity incident. While the full impact isn’t currently known, multiple systems were blocked due to ransomware leading to systems being disconnected to stop further infection. It appears as though no patient information was accessed or stolen, however, the shutdown has led hospitals to be without patient data such as x-rays and charts. An investigation is currently underway.
Recommendation: While in this story the patient data doesn’t appear to be stolen, the exposure of Personally Identifiable Information (PII) requires affected individuals to take precautionary measures to protect their identity and their finances. Identity theft services can assist in preventing illicit purchases, or applying for financial services from taking place by actors using stolen data.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.