Security News > 2022 > October > Australian Clinical Labs says patient data stolen in ransomware attack

Australian Clinical Labs has disclosed a February 2022 data breach that impacted its Medlab Pathology business, exposing the medical records and other sensitive information of 223,000 people.

While the firm says it's not aware of any misuse of the stolen information, it is notifying all impacted clients individually of what data was exposed in the attack.

In June 2022, the ACSC notified MedLab that the ransomware gang posted the stolen data to a data leak site.

As for the four more months from that point until today's disclosure, ACL says the data set was too complicated to quickly determine what customers were affected.

"Given the highly complex and unstructured nature of the data set being investigated, it has taken the forensic analysts and experts until now to determine the individuals and the nature of their information involved," explains ACL. Sydney-based reporter Jeremy Kirk tweeted that sources examining the leaked data confirmed it was unstructured but not to the point of taking months to analyze.

While hackers are likely not specifically targeting organizations in the country, the Australian government is proposing new data protection laws to provide greater insight into data breaches and to impose more significant fines on companies not adequately protecting data.

News URL

https://www.bleepingcomputer.com/news/security/australian-clinical-labs-says-patient-data-stolen-in-ransomware-attack/