Vic hospitals hit by cyber incident


Denham Sadler
Senior Reporter

A number of Victorian hospitals have been hit by a “serious cyber incident”, with patient records and information still inaccessible and entire systems left offline.

The Victorian government confirmed that the incident had been uncovered on Monday, with Gippsland Health Alliance and the South-West Alliance of Rural Health impacted by the hack.

These groups operate some of the largest hospitals in regional Victoria, including in Gippsland, Geelong, Warrnambool, Colac and Bairnsdale.

The incident involved the hackers blocking access to several systems at the hospitals and healthcare providers using ransomware.

The hack follows an Auditor-General report earlier this year that warned Victorian health data was “highly vulnerable” to attacks using “basic hacking tools”.

The state government is now working with Victoria Police and the Australian Cyber Security Centre to manage the attack.

The government said a “number of servers” around Victoria had been impacted, with hospitals forced to “isolate and disconnect” a number of systems, including the internet, leaving records and bookings being unable to be accessed.

“This isolation has led to the shutdown of some patient records, booking and management systems, which may impact on patient contact and scheduling,” the government said. “Where practical, hospitals are reverting to manual systems to maintain their services.”

This means that some patient appointments may have to be rescheduled or postponed, and that the histories, charts, images and other information of some patients cannot be accessed.

Despite this, the government said that “at this time there is no suggestion that personal patient information has been accessed”.

The Victorian Cyber Incident Response Service, which launched in July last year, was deployed following the hack, with government officials working with the impacted service providers overnight to mitigate the damage and shut off access.

“The priority is to fix all affected systems and prevent any further compromise,” it said.

The response service was established as part of the state’s Cyber Security Strategy as a way to better respond and mitigate cyber security incidents.

The service, which is funded by the Department of Premier and Cabinet, is on call 24-7 and has been called into action more than 600 times in the last 16 months.

Earlier this year the Victorian Auditor-General found that patient health data was “highly vulnerable” to cyber attacks using “basic hacking tools”. The Auditor-General successfully hacked into some of Victoria’s biggest health databases to demonstrate the “significant and present risk to the security of patient data and hospital services”.

“There are key weaknesses in health services’ physical security and in their logical security, which covers password management and other user access controls,” the report said.

The report found that “staff awareness of data security is low”, leading to increased risk of phishing attacks.

Victorian Premier Daniel Andrews confirmed the “serious incident” on Tuesday morning and said the state government had made efforts to address the concerns raised in the Auditor-General’s report from May.

“I wouldn’t want anyone in Victoria to think there hasn’t been a substantial investment of resources and skill and a real focus to make sure we’ve got a cybersecurity capability that keeps us safe. Any system can be subject to these sorts of attacks, these sorts of criminal acts,” Mr Andrews said.

“Let’s work out what’s gone on, who has done it and let’s get the system back online. Let’s get patients the care they need and work out what’s gone on and who has done it.”

The latest incident follows a private cardiology practice in Victoria being hit by a cyber attack in February which saw its medical files hacked and scrambled.

Do you know more? Contact James Riley via Email.

Leave a Comment