Regis

Regis is an Australian aged care operator, also known as Regis Aged Care or Regis Healthcare, providing residential care services for elderly individuals. The organisation operates facilities within Australia's healthcare sector, delivering essential support and accommodation for seniors requiring assisted living. Its core function involves the ongoing management and daily care of residents, which includes handling sensitive personal and medical information as part of standard operations. The company's position within the aged care market is defined by its service delivery to a vulnerable population, placing it within a critical infrastructure domain subject to specific privacy and health regulations. A defining and publicly documented event in the organisation's recent history is a severe cybersecurity incident that directly impacted its data security posture and resident privacy.

On 3 August 2020, Regis was the victim of a ransomware attack attributed to the overseas threat actor known as the Maze Team. The attackers successfully infiltrated the company's servers, exfiltrating a significant volume of data before deploying ransomware. The stolen data included both general facility documents and specific records containing personal information and photographs of residents, which were subsequently published on the Maze leak site. A notable aspect of this breach was that while sensitive data was copied and dumped, the operational services providing care to residents remained unaffected during the immediate incident, suggesting a degree of segregation between clinical care systems and the compromised administrative servers. This attack was not isolated, as the Maze Team simultaneously targeted another healthcare facility, indicating a coordinated campaign against the health sector. The public release of resident data via a dedicated leak site and a compressed archive underscored the extortionate nature of the attack, where data theft preceded the encryption of systems to increase pressure for payment. This incident highlights the acute risk that aged care providers face from financially motivated cybercriminal groups that specifically target the healthcare sector for the high-value personal data it holds. The event serves as a clear case study of a ransomware operation where data exfiltration and public shaming were central components, directly compromising the privacy of the organisation's clients despite the continuity of physical care services.