Regis hit by ransomware attack – Department of Health issues urgent warning to other providers

Published on

The listed operator has had personal data stolen from its IT system – with some data released publicly –in a blatant cyber-attack – prompting the Government to warn other providers to be on alert.

Regis issued an update to investors to advise that it had been the target of a cyber-attack by an “overseas third party”.

CEO Linda Mellors said Regis was contacting parties whose personal data had been exposed and the incident had not affected delivery of resident care or services.

“Our priority is maintaining safe and reliable operations while ensuring the security of personal information of our residents, clients, and employees,” Dr Mellors said.

“To this end, we are working with expert IT and security advisers to continue to investigate and deal with this incident.”

The incident has been reported to the Office of the Australian Information Commissioner, the Australian Cyber Security Centre and other regulatory bodies.

The attack prompted the Department of Health to send out a new guide from the Australian Cyber Security Centre (ACSC) to providers late on Sunday advising them to never pay a ransom demand, but identify and backup any critical information and systems; keep systems and software up to date through regular patching; and use up to date antivirus software.

How many operators still rely on paper-based or dated software systems however?

Paper-based systems may be safe by comparison, except if someone picks up the records and walks out.

Share.