Ransomware Attack Announced by Australian Clinical Labs after Nine Months

Australian Clinical Labs (ACL) disclosed on October 27, 2022, a data breach in its Medlab Pathology division. The attack took place in February 2022 end resulted in exposing the personal data of 223,000 people.

The Australian healthcare company has 89 medical laboratories which do six million tests each year for 92 private and public hospitals in Australia.

Details about the Attack

According to Australian Clinical Labs (ACL) statement, the leaked data include:

• 128,608 Medicare numbers and full names
• 28,286 credit card numbers, 12% of which have a CVV code, and 55% are expired
• 17,539 individual medical and health records associated with pathology tests

All impacted patients have been announced about the data breach and will be offered free credit monitoring and identity theft protection services, and ID document replacements if needed.

ACL notified Australian authorities: Australia’s Cyber Security Center (ACSC), and the Office of the Information Commissioner (OAIC). While ACSC was the one who alerted the Labs that stolen data is now on the dark web, the company says that for the moment there is no sign of malicious use of the information.

Quantum ransomware gang took responsibility for the attack posting all stolen files on its Tor site on June 14, 2022. The 86GB of data leaked contains patient and employee details, financial reports, invoices, contracts, forms, and subpoenas. The data leak page for MedLab on the Quantum ransomware’s website has been accessed 130,000 times.

A Nine Months Long Timeline

From the moment of the ransomware attack to yesterday’s notification nine months have passed, and Australian Clinical Labs (ACL) tries to motivate its delay by explaining the timeline.

ACL first detected the incident in February 2022, but the forensics did not reveal anything wrong. In March 2022, ACSC contacted them after finding out about the attack, and only in June 2022 ACSC warned about the data leak. So, five months have passed from the day of the attack until the data exfiltration was discovered.

Another four months went by from June 2022 to October 2022 until Australian Clinical Labs publicly disclosed the breach, claiming that “the data set was too complicated to quickly determine what customers were affected”, according to BleepingComputer.

It was not the first attack on Australian businesses, over the last two months we have seen cybercriminals targeting Optus, Medibank, MyDeal, and Vinomofo. This made the Australian government suggest a new data protection set of laws with more insight into cyberattacks and greater fines for companies not protecting their data.

Suggest an edit to this article

Cybersecurity Knowledge Base

Latest Cybersecurity News

Cybersecurity Academy

Homepage

source

Stay informed of the latest Cybersecurity trends, threats and developments. Sign up for our Weekly Cybersecurity Newsletter Today.

Remember, CyberSecurity Starts With You!

• Globally, 30,000 websites are hacked daily.
• 64% of companies worldwide have experienced at least one form of a cyber attack.
• There were 20M breached records in March 2021.
• In 2020, ransomware cases grew by 150%.
• Email is responsible for around 94% of all malware.
• Every 39 seconds, there is a new attack somewhere on the web.
• An average of around 24,000 malicious mobile apps are blocked daily on the internet.