Skip to content

Data of domestic violence victims exposed in ZircoDATA hack

Victorian public health service Monash Health has recently disclosed that it has been affected by the recent hacking of ZircoDATA.

In February, ZircoDATA, which provides secure document storage, information governance, digital conversion, and destruction for 9,000 clients across Australia, reported a breach in its system. The Victoria-based company also handles some of Monash Health’s archived historical documents. 

On 3 May, Monash Health said some of its historical data relating to domestic violence victims were exposed in the hack.

“Investigation analysis indicates that the Monash Health information involved in the ZircoDATA data breach relates to a selection of archived data from the family violence and sexual assault support units at Monash Medical Centre, the Queen Victoria Hospital, and Southern Health, limited to the period from 1970 to 1993,” said Eugine Yafele, Monash Health chief executive, in a statement.

The National Office of Cyber Security has been made aware of this development. 

Monash Health assured that its systems have not been compromised nor impacted by the cyber attack. 

“Monash Health is deeply sorry that the external breach has occurred, and we continue to work with ZircoDATA in the investigation,” Yafele said. 

THE LARGER TREND

Over the dark web, the ransomware gang Black Basta has claimed responsibility for hacking ZircoDATA, saying it has stolen about 395 gigabytes of data that includes financial documents, personal information, and confidentiality deals. It initially set a ransom deadline on 1 March. 

Lieutenant General Michelle McGuinness, National Cyber Security Coordinator, said it has been supporting ZircoDATA in reaching out to its affected clients. She noted that other government entities have also been affected. 

“The majority of these entities are still in the process of working with ZircoDATA to identify impacted data and any victims, and are yet to begin notifying impacted individuals. There are clear processes for ZircoDATA and the affected government entities to work through,” McGuinness said.

Before the new year, St Vincent’s Health, one of the biggest not-for-profit health and aged care providers in the country, also reported a data breach by still unidentified hackers, though it said no sensitive data were pilfered. 

Leave a Reply

Your email address will not be published. Required fields are marked *