Hackers target Crown Princess Mary Cancer Centre in Sydney
A ransomware gang is claiming to have breached a Sydney cancer hospital, and is threatening to release data unless payment is made.
A ransomware gang is claiming to have breached a Sydney cancer hospital, and is threatening to release data unless payment is made.
NSW Health confirmed it was aware of the threats made against the Crown Princess Mary Cancer Centre at Westmead Hospital, and was investigating.
The global ransomware gang Medusa posted on the dark web that it had breached the cancer centre, and set a seven-day countdown clock, appearing to indicate it had set a deadline for a ransom demand to be met.
The Crown Princess Mary Cancer Centre, named for the Tasmanian-born Crown Princess Mary of Denmark, is affiliated with the University of Sydney and the University of Western Sydney and according to its website places a high importance upon training the next generation of doctors and other health professionals.
NSW Health did not say what data, if any, had been compromised.
“On Thursday 4 May, NSW Health was alerted of a ransomware threat involving the Crown Princess Mary Cancer Centre located on the Westmead Health Campus,’’ a spokesperson said.
“The Crown Princess Mary Cancer Centre is an affiliated health organisation and part of the Sydney West Cancer Network. It provides fully integrated research, prevention, diagnostic, treatment and rehabilitation programs for patients and families coping with cancer.
“NSW Health is working with the Centre to assess if any NSW Health data has been impacted.
“The safety and security of all NSW Health systems remains of highest importance and is continually monitored and safeguarded.
“NSW Health works closely with State and Federal Government cyber security agencies to ensure that any cyber event is prevented, detected and responded to in the most appropriate manner.’’
Medusa ransomware was first detected in June 2021 but has begun gaining traction this year with a number of high-profile attacks globally.
The gang using the ransomware recently attacked the Minneapolis Public Schools district in the United States, encrypting around 100 gigabytes of data and demanding a US $1 million ransom to unlock it.
When the school district refused to pay and managed to unlock the data themselves, the Medusa cyber criminals published it online, including highly personal information such as the results of intelligence tests, the names of children with special needs and allegations of teacher abuse.
The gang uses its own site, Medusa Blog, to advertise its so-called cyber hacking successes and to publish stolen data, which it also promotes via Telegram channels.
Last month it disrupted the Open University of Cyprus with a large-scale cyber-attack, and also gained access to the database of the Bank of Africa.
Australia has been hit with a number of cyber-attacks and ransom demands this year, with organisations and companies including Latitude Finance, Rio Tinto, Crown Resorts, the University of Melbourne and the Tasmanian Government all falling victim.
A-G slams Dutton for ‘fabrication’
The Coalition will seek to amend the Albanese government’s higher education code bill to include anti-Semitism, opposition education spokeswoman Sarah Henderson has declared.
‘Summer of hatred’ sparks tough new laws
The NSW government has introduced reforms to end the state’s ‘shameful chapter’ after shocking anti-Semitic attacks, but the Liberals have gone further, proposing a terrorist flag clampdown and stronger penalties.