2/21/2019
EXCLUSIVE
Latest & Breaking News Melbourne, Victoria | The Age
NATIONAL
VICTORIA
HEALTH
nhom
Crime syndicate hacks 15,000 medical
files at Cabrini Hospital, demands
ransom
tien chuoc
By Cameron Houston and Anthony Colangelo
February 20, 2019 — 11.45pm
lam roi, xao tron
A cyber crime syndicate has hacked and scrambled the medical files of about 15,000 patients from
a specialist cardiology unit at Cabrini Hospital and demanded a ransom.
The attack is now the subject of a joint investigation by Commonwealth security agencies.
Melbourne Heart Group, which is based at the private hospital in Malvern, has been unable to
access some patient files for more than three weeks, after the malware attack crippled its server
and corrupted data.
lam hong
The malware used to penetrate the unit's security network is believed to be from North Korea or
Russia, while the origin of the criminals behind the attack has not been revealed.
The online gang responsible for the data breach demanded a ransom be paid in cryptocurrency
before a password would be provided to break the encryption.
The Age understands that a payment was made, but some of the scrambled files have not been
recovered, among them patients' personal details and sensitive medical records that could be used
for identity theft.
Some patients were told that their files had been lost but were not given any explanation. Others
have turned up for appointments for which the hospital had no record.
The Australian Cyber Security Centre, which is part of the Australian Signals Directorate – the
government agency responsible for Australia's cyber warfare and information security – said it was
assisting the hospital with cyber security advice.
The Australian Federal Police has also been briefed.
A Melbourne Heart Group spokeswoman said it was working with government agencies to resolve
the issue.
https://www.theage.com.au/national/victoria/crime-syndicate-hacks-15-000-medical-files-at-cabrini-hospital-demands-ransom-20190220-p50z3c.html
1/4
2/21/2019
Latest & Breaking News Melbourne, Victoria | The Age
"The protection of personal patient information is of the utmost importance ... patient privacy has
not been compromised in this instance," the spokeswoman said.
She also stressed there was no link between the encypted data and any function relating to cardiac
implantable electrical devices, such as pacemakers and defibrillators.
The spokewoman would not say how many files had been affected or whether a ransom had been
paid.
The latest hack is expected to fuel calls for the federal government to reinforce the nation's cyber
defences, particularly email security.
thua nhan
This week, the Morrison government conceded federal parliament and major political parties'
security systems had been compromised by what was believed to be a state-based cyber attack.
lam ton thuong, lam hai, dan xep, thoa hiep
Professor Matt Warren, deputy director of Deakin University’s Centre for Cyber Security Research,
said the data breach at Melbourne Heart Group was most likely a “ransomware” attack.
tinh co
Someone, probably a staff member, using the hospital’s software could have inadvertently opened
a corrupted link on a phishing email allowing ransomware, a form of malware, into the hospital’s
system, Professor Warren said.
From there, the attackers encrypt sensitive information from hospital servers, essentially locking
it away from access by medical staff.
“Then they say to the hospital ‘you must pay us to get your data back’,” Professor Warren said.
“It’s sophisticated in that you have to get the malware onto the hospital system, but once you
have done that then it is relatively easy.
https://www.theage.com.au/national/victoria/crime-syndicate-hacks-15-000-medical-files-at-cabrini-hospital-demands-ransom-20190220-p50z3c.html
2/4
2/21/2019
Latest & Breaking News Melbourne, Victoria | The Age
“Other than the cost it isn’t hard to be protected from this … organisations need to update and
patch their security and systems regularly because the problem you have is the hackers'
capabilities are becoming more sophisticated.”
These types of breaches stem from the worldwide “WannaCry” ransomware attack in May 2017.
One of the largest hit by this attack was Britain’s National Health Service, where it was estimated
up to 70,000 hospital devices in England and Scotland were impacted.
Non-critical emergencies and some ambulances were turned away from hospitals hit by the attack,
operations were cancelled and accident and emergency centres were closed.
The healthcare sector has become a preferred target for many online criminals after the
Hollywood Presbyterian Hospital in Los Angeles revealed it paid $17,000 in bitcoin to hackers who
had seized control of its computer network.
And the massive hack of US health insurance giant Anthem in 2015 – when the personal
information of more than 79 million Americans was exposed – further identified the sector's
vulnerability to data breaches and potential for identity theft.
Cameron Houston
Senior Crime Reporter
Anthony Colangelo
Anthony is a reporter at The Age
https://www.theage.com.au/national/victoria/crime-syndicate-hacks-15-000-medical-files-at-cabrini-hospital-demands-ransom-20190220-p50z3c.html
3/4
2/21/2019
Latest & Breaking News Melbourne, Victoria | The Age
https://www.theage.com.au/national/victoria/crime-syndicate-hacks-15-000-medical-files-at-cabrini-hospital-demands-ransom-20190220-p50z3c.html
4/4