BREAKING: NCSC warns of “large-scale ransomware data breach incident” at Australian healthcare org – Cyber Daily

BREAKING: NCSC warns of “large-scale ransomware data breach incident” at Australian healthcare org

Australia’s National Cyber Security Coordinator has said they are working on a “whole-of-government response to this incident”.

The National Cyber Security Coordinator, Lieutenant General Michelle McGuinness, has released a statement warning of a major ransomware attack and data breach involving an unnamed Australian healthcare provider.

“Yesterday afternoon I was advised by a commercial health information organisation that it was the victim of a large-scale ransomware data breach incident,” Lieutenant General McGuinness said in a statement released only an hour ago on LinkedIn.

“I am working with agencies across the Australian Government, states and territories to coordinate a whole-of-government response to this incident.

According to Lieutenant General McGuinness, the Australian Signals Directorate’s Australian Cyber Security Centre, as well as the Australian Federal Police, are investigating the incident.

“We are in the very preliminary stages of our response and there is limited detail to share at this stage, but I will continue to provide updates as we progress while working closely with the affected commercial organisation to address the impacts caused by the incident.”

Neither the AFP nor ACSC has any further information on their respective sites, and so far no known threat actor has claimed responsibility for the hack. If it is a ransomware attack, however, the threat actor will likely post something on the darknet shortly.

The National Cyber Security Coordinator has not named the healthcare provider.

Minister for Cyber Security Claire O’Neil has also released a statement.

“I have been briefed on this incident in recent days and the government convened a National Coordination Mechanism regarding this matter today,” O’Neil said in a LinkedIn post.

“The National Cyber Coordinator, Michelle McGuinness, is leading work across the Australian Government to support the company in managing this large-scale ransomware incident.

“Updates will be provided in due course. Speculation at this stage risks undermining significant work underway to support the company’s response.”

O’Neil, too, declined to name the provider, but we think it’s safe to assume this could be a bad one. We’ll have more news as it breaks.

UPDATE 16/05/24: Added comment from Minister for Cyber Security