Australian UnitingCare Queensland healthcare clinic said a cybersecurity incident has shut down some of its IT systems.
The healthcare organization provides aged care, health care, disability support, and crisis response services throughout the state of Queensland and the Northern Territory. It said the attack occurred on Sunday, April 25.
“As a result of this incident, some of the organization’s digital and technology systems are currently inaccessible,” it said in a statement.
Immediately after UnitingCare Queensland has fallen victim to a cyber incident, they started an investigation:
“As soon as we became aware of the incident, we engaged the support of lead external technical and forensic advisors.”
UnitingCare also notified the Australian Cyber Security Centre (ACSC) and said it was working closely with the center to investigate the incident.
The organization also said they switched to pen and paper to ensure continuity of their core services.
“Where manual processes cannot be implemented, services are being redirected or rescheduled accordingly,” it added.
The clinic said they can’t currently provide a resolution timeframe but only said its security and IT teams are working to resolve the issue as soon as possible.
“We are committed to keeping our people, patients, clients, and residents informed and safe as we work to resolve this incident, and will provide further relevant updates as new information comes to hand,” the statement continued.
Last year, the ACSC warned aged care and healthcare providers of ongoing ransomware campaigns:
“Cybercriminals view the aged care and healthcare sectors as lucrative targets for ransomware attacks,” the ACSC wrote at the time. “This is because of the sensitive personal and medical information they hold, and how critical this information is to maintain operations and patient care. A significant ransomware attack against a hospital or aged care facility would have a major impact.”