Medlab Data Breach

Australian Clinical Labs (ACL) has revealed that its Medlab Pathology business fell victim to a data hack on Thursday, leaving as many as 223,000 patient accounts vulnerable.

Alarmingly, this marks corporate Australia’s fourth major hack in the space of less than two months. Health insurance giant Medibank, Woolworths Group’s online retailer MyDeal and tech firm Optus have previously suffered significant data breaches that have compromised the data security of millions of customers.

According to ACL, nearly 18,000 health and medical pathology test records have been compromised in the hack, in addition to 28,000 credit card numbers and over 125,000 Medicare numbers. Most of the affected patients are in Queensland and New South Wales.

The company did clarify that, as of yet, there hasn’t been any evidence to suggest that the breach has led to any misuse of information, and neither has any demand been made of ACL or Medlab. The compromised Medlab server has been shut down, and the rest of ACL’s systems remain intact.

Now, ACL’s plan of action is to get in touch with the impacted individuals through “individually tailored notifications” as a first priority. The patients in question would be contacted through email and postal mail and given information regarding the implications of the incident.

The firm has put in place a special inbound response team that will work around the clock to answer any queries the notified persons might have, as well as to brief them about what they need to do to better protect their data moving forward.

“On behalf of Medlab, we apologize sincerely and deeply regret that this incident occurred. We recognize the concern and inconvenience this incident may cause those who have used Medlab’s services and have taken steps to identify individuals affected. We are in the process of providing tailored notifications to the individuals involved. We want to assure all individuals involved that ACL is committed to providing every reasonable support to them. We will continue to work with the relevant authorities,” ACL CEO Melinda McGrath said in a statement.

According to the timeline announced by Medlab, the company detected unauthorized access on its servers back in February. However, it couldn’t find any evidence to suggest that any crucial information had leaked.

A month later, the Australian Cyber Security Centre (ACSC) contacted ACL and informed them that the company may have suffered from a ransomware incident. However, the company remained steadfast in its claim that no critical information had been leaked anywhere.

In June, ACSC again reached out to ACL and told it that Medlab data had been compromised and that the stolen information had been made available to download on the dark web. Upon learning this, ACL immediately took steps to locate the dataset on the dark web and made serious efforts to permanently eradicate it. The ransomware-as-a-service organization that created the Quantum malware claimed responsibility for the breach on its leak site by publishing an 86 GB file.

It has taken forensic analysts this long to definitively identify the people and the type of information involved in the breach because of the highly complex nature of the data under investigation.

ACL has decided to offer affected patients free-of-charge credit monitoring and document replacement, and the company continues to work with federal- and state-level authorities to learn more about the issue.
