Australia's largest Not For Profit health and aged care provider says the cyber attack that occurred in December did not involve the theft of personal information.
An investigation of the incident, which St Vincent's Health Australia first responded to on 19 December 2023, has not detected any further activity by cyber criminals since 20 December but on 21 December, the organisation discovered some data had been stolen.
Their investigations, which are ongoing, found no evidence personal information was contained in the stolen data and no data has been posted on the dark web, according to a statement.
St Vincent's Health Australia has engaged cyber security experts CyberCX to assist with the investigation, and is working with Australian Cyber Security Centre, the National Cyber Security Coordinator, the Australian Federal Police, the Office of the Australian Information Commissioner, and other State and Federal Government organisations.
St Vincent’s operates 26 aged care facilities and hospitals across NSW, Victoria and Queensland. No frontline services have been impacted, they said.
In recent years, both Regis Aged Care and UnitingCare Queensland have also fallen victim to cyber criminals.
