UnitingCare Queensland update on ransomware infection

Published on

UnitingCare Queensland said it had made “good progress” in restoring its computer systems and applications online after a ransomware infection in late April.

“This includes the restoration of our key corporate systems, as well as reinstatement of many of the integrations between applications supporting our business processes,” said UnitingCare Queensland in a statement.

UnitingCare Queensland, which provides aged care, disability support, health care and crisis response through Blue Care, Lifeline, The Wesley Hospital, St Andrew’s War Memorial Hospital, Buderim Private Hospital and St Stephen’s Hospital, was a victim of the Sodinokibi/REvil malware, which has been known to encrypt files and try to delete backups, before demanding a ransom payment since April 2019.

UnitingCare Queensland said it continues to partner with third-party incident response and threat eradication specialists to ensure integrity across its digital channels.

“We have taken rigorous measures to identify, contain and eradicate the threats responsible,” said UnitingCare Queensland.

“We have also introduced improved security controls across our digital environment, including increased process controls and implemented a market-leading endpoint detect-and-response (EDR) solution to provide ongoing protection.”

The Not For Profit said there was no evidence the health and safety of patients, residents or clients “has been in any way compromised as a result of this cyber incident.” The Australian Digital Health Agency (ADHA), which oversees the My Health Record system, stopped UnitingCare Queensland’s access.