ASX-listed aged care provider Regis Healthcare has lost data to an overseas-based attacker that has also starting leaking it, prompting an industry-wide warning by federal cyber security authorities.
The company said today that it had “been targeted in a cyber attack by an overseas third party” that had “copied some data from [its] IT system and released certain personal data publicly.”
iTnews was able to confirm the cause of the incident as a Maze ransomware infection.
The Australian Financial Review reported that residential care and accommodation agreements for one care facility were among documents leaked.
“[We are] contacting parties whose personal data has been publicly released,” Regis Healthcare said in a statement.
“The company has also reported the incident to the Office of the Australian Information Commissioner (OAIC), the Australian Cyber Security Centre (ACSC) and other regulatory bodies.”
Regis Healthcare said that the incident is “not materially impacting” its day-to-day operations, which include the delivery of resident care and services.
It owns and operates around 50 aged care facilities with over 5880 operational places, according to a company profile by Reuters.
Regis Healthcare said it had been able to move to “backup and business continuity systems” to recover from the incident.
“Our priority is maintaining safe and reliable operations while ensuring the security of personal information of our residents, clients, and employees,” Regis Healthcare’s CEO Dr Linda Mellors said.
“To this end, we are working with expert IT and security advisors to continue to investigate and deal with this incident”.
The incident appears to have been the prompt for an ACSC warning on Sunday over ransomware “targeting Australian aged care and healthcare sectors”.
“Recently there has been a significant increase in healthcare or COVID-19 themed malicious cyber activity, including targeting of the aged care and healthcare sectors by financially motivated cyber criminals using the Maze ransomware,” the centre said.
“The Australian Cyber Security Centre (ACSC) is aware of recent ransomware campaigns targeting the aged care and healthcare sectors.
“Cyber criminals view the aged care and healthcare sectors as lucrative targets for ransomware attacks.
“This is because of the sensitive personal and medical information they hold, and how critical this information is to maintaining operations and patient care.”
The ACSC said the ransomware could be used to encrypt and exfiltrate sensitive information, which the attackers “may then threaten to post ... online unless a further ransom is paid.”
“This is especially effective in the aged care and healthcare sectors,” it said.
The attacks come at a particularly critical time in Australia’s response to the coronavirus outbreak, with aged care facilities on the frontlines, particularly in Victoria.