The chief executive of an Aboriginal health council has apologised for a security breach in which hackers accessed a reported 8,000 Aboriginal and Torres Strait Islander patient records.
Apunipima CEO Debra Malthouse said: "We sincerely apologise that this incident happened and for any concern it may cause our valued patients, client and staff across the Cape York region."
Apunipima is an Aboriginal Community Controlled Health Organsiation servicing 11 remote communities in Far North Queensland.
The apology follows a cyber breach in October 2022 in which an unknown third party gained unauthorised access to some of Apunipima's computer systems and may have viewed some personal information of patients, clients and staff. Ms Malthouse has defended the length of time it has taken to conclude the investigation.
Media reports at the time suggest that the hack was orchestrated by LockBit, which is malicious ransomware sofrware designed to block user access in exchange for a ransom payment.
The information mostly involved Medicare numbers and other transactional health information, such as healthcare identifiers. For a small number of individuals, other types of information may have been involved as well.
Other information accessed includes Tax File Numbers, contact information include street addresses, licence numbers, bank card copies, change of name certificates and superannuation membership identification information. An unidentified third party claimed responsibility for the hack in a post on the deep web, but authorities have not released any further information on where the hack might have originated from.
Ms Malthouse said that each individual is affected differently, and that if your infomation has been involved, that it will send a tailored statement via the post confirming what information was involved and what steps should be taken.
The incident was reported to the Australian Cyber Security Centre, the Office of the Australian Information Commissioner and relevant government agencies.
Apunipima also issued a number of public announcements that the incident had occured, providing advice to members of the community whose information may have been involved.
The Centre has released guidance to those affected to be aware of email, telephone and text-based scams, suggesting that anyone with further questions contact the Apunipima support team on (07) 4037 7192.