Australia Pathology Service Provider Hacked, Data of Thousands of Patients Stolen as Hacking Epidemic Widens

Australian Clinical Labs said it first knew of unauthorised access to the IT system of its pathology unit, Medlab, in February.

By Reuters | Updated: 27 October 2022 17:09 IST

Australia Pathology Service Provider Hacked, Data of Thousands of Patients Stolen as Hacking Epidemic Widens

Photo Credit: Pexels/ Sora Shimazaki

ACL said it then hired forensic analysts to study the "complex and unstructured" dataset

Highlights

ACL shares hit their lowest point after the disclosure
Revelation comes a day after extent of Medibank breach was announced
ACL says there was no ransom demand or evidence of misuse of the data

Australian Clinical Labs, one of Australia's largest pathology providers said hackers stole medical data of thousands of patients, the country's second such breach in two weeks, deepening fears about how companies collect sensitive customer information. The disclosure on Thursday sent shares of Australian Clinical Labs to their lowest point since listing last year and extends a wave of hacks that has shaken the country's biggest companies. A day earlier, the country's top health insurer Medibank said criminals took data of all 4 million of its customers.

ACL said it first knew of unauthorised access to the IT system of its pathology unit, Medlab, in February and received advice that no information was compromised. The government cybersecurity agency notified it in June that its data had been posted on the Dark Web, a system of websites only accessible through certain browsers.

The company said it then hired forensic analysts to study the "complex and unstructured" dataset found there, learning that 223,000 patients' data had been exposed, including medical and health records for about 18,000 people.

Hackers Threaten to Leak Health Data Stolen From 1,000 Australian Celebs

There was no ransom demand or evidence of misuse of the data, but "we recognise the concern and inconvenience this incident may cause those who have used Medlab's services and have taken steps to identify individuals affected", ACL Chief Executive Officer Melinda McGrath said in a statement.

Private equity firm Crescent Capital, which listed ACL in 2021 and holds 23 percent of its shares, declined to comment. Crescent sold 14.3 percent of the company in August, stock market filings show.

Outside of health providers, corporate Australia has been bracing since September 22, when the country's second-largest telco, Singapore Telecommunications-owned Optus, disclosed a breach of up to 10 million customer accounts, equivalent to 40 percent of the country's population.

Top grocery chain Woolworths then revealed that the data of millions of customers using its bargain shopping website had been compromised. A raft of smaller and unlisted companies have also made breach notifications, prompting lawyers to question the amount of data that private enterprises are allowed to collect, and for how long.
© Thomson Reuters 2022

5G is here. Should you buy a 4G phone? We discuss this on Orbital, the Gadgets 360 podcast. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.

Affiliate links may be automatically generated - see our ethics statement for details.

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.