Cyber Incident Victim: Perth Anaesthetic Group
Date:
Oct 2019
Location:
Australia
Summary
A medical practice experienced a cybersecurity breach where unauthorized actors gained access to its database, compromising patients' confidential information. The attackers exploited this access to send fraudulent invoices demanding payment for treatments, though no ransom was paid and the breach was contained within minutes. Affected individuals were notified promptly, and security measures were subsequently enhanced. A medical association representative highlighted the exposure of sensitive patient data, emphasizing the persistent threat of such attacks and the necessity for continuous vigilance in cybersecurity practices within healthcare environments.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 2 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On October 31, 2019, Perth Anaesthetic Group, a medical practice in southern Perth, experienced a cybersecurity breach when unidentified attackers infiltrated the organization's database. The intrusion occurred on a Thursday morning and resulted in unauthorized access to patients' confidential information. Following the compromise, the perpetrators initiated a fraudulent invoicing scheme, sending counterfeit payment demands to multiple patients for purported treatments. Management detected the breach within minutes of its occurrence, according to Jane McGrath, the group's manager. The practice contained the incident promptly and directly notified affected individuals. McGrath explicitly confirmed no ransom demands were made by the attackers and emphasized that no payments were made to the criminals. In response to the breach, the organization implemented enhanced security measures and communicated these improvements to patients via email to reassure them about ongoing protections.
The attack exposed sensitive patient data, though specific details regarding the volume of compromised records or precise data types were not disclosed publicly. Andrew Miller, Western Australia President of the Australian Medical Association, characterized the accessed information as highly sensitive and highlighted the broader cybersecurity challenges facing medical practices. He emphasized the necessity for continuous updates to security protocols and heightened suspicion toward unsolicited communications like email attachments. While financial fraud attempts occurred through the fake invoices, no confirmed monetary losses from patients were reported. The incident underscored operational disruptions and reputational risks associated with healthcare data breaches, though the practice maintained control over containment efforts without further escalation.