Monash Health, a Victorian public health agency, has announced that it had been impacted by the recent ZircoDATA hack.
Earlier this year in February, ZircoDATA, which provides safe document storage, data management, and digital conversion of 9,000 clients across Australia, reported a system vulnerability. The Victoria-based company also manages some of Monash Health's archived historical documents.
Monash Health stated on May 3 that the hack revealed some of its historic data on domestic violence sufferers.
"Investigation analysis indicates that the Monash Health information involved in the ZircoDATA data breach relates to a selection of archived data from the family violence and sexual assault support units at Monash Medical Centre, the Queen Victoria Hospital, and Southern Health, limited to the period from 1970 to 1993," noted Eugine Yafele, Monash Health chief executive, in a statement.
The National Office of Cyber Security has been informed of this incident. Monash Health said that the cyber attack had not compromised or damaged its systems.
"Monash Health is deeply sorry that the external breach has occurred, and we continue to work with ZircoDATA in the investigation," Yafele added.
The larger trend
The ransomware group Black Basta has taken credit for breaking into ZircoDATA on the dark web, claiming to have stolen nearly 395 gigabytes of data, including confidential agreements, financial papers, and personal data. The first ransom deadline was March 1st.
ZircoDATA has received support from Lieutenant General Michelle McGuinness, the National Cyber Security Coordinator, in notifying its impacted customers. She added that other branches of the government have also been affected.
"The majority of these entities are still in the process of working with ZircoDATA to identify impacted data and any victims and are yet to begin notifying impacted individuals. There are clear processes for ZircoDATA and the affected government entities to work through," McGuinness noted.
Before the new year, St Vincent's Health, one of the country's largest not-for-profit health and aged care organisations, disclosed a data breach by unidentified hackers, though no sensitive information was stolen.