15,000 medical records of patients
from a cardiology unit at Cabrini Hospital in Malvern, Australia were
compromised and encrypted in a ransomware attack at the end of January, reports
Australian newspaper The Age. The
attackers demanded ransom in cryptocurrency for a decryption key that would let
staff read the documents again.

Even though the culprits haven’t officially
been identified, the daily said the malware may have come from North Korea or
Russia. It is believed ransom was eventually paid, but not all files were retrieved,
“among them patients’ personal details and sensitive medical records that could
be used for identity theft.” This statement was not confirmed by a hospital
spokeswoman.  

A number of patients were
informed, without extensive details, that their data was lost, while others
showed up for appointments that were no longer visible in the hospital’s
network.

Government agencies are working
with the hospital to shed light on the criminal gang and how they compromised
the servers and data. Australia Cyber Security Centre is also helping the
institution handle the incident.

The security incident has been addressed
and data privacy was not compromised, according to Melbourne Heart Group,
which announced the breach on February 25.

“Melbourne Heart Group wishes to
advise all our patients that the cybersecurity incident we experienced in late
January has been resolved,” reads their website. “The data has been decrypted
and our systems have been restored. Once again we would like to emphasize that
patients’ privacy has not been compromised or breached. No information left our
computer system – it was encrypted so that no one could see it, even ourselves.
We would like to thank all our patients for their understanding over this
period.”