NSW Health confirms personal data has been accessed following Accellion hack

NSW Health has confirmed that personal data may have been accessed during the global Accellion cyber attack last December, but says medical record systems were not affected and it is no longer using the legacy software.

US-headquartered Accellion, which specialises in secure file sharing software, saw its legacy File Transfer Appliance software hacked in a zero-day exploit last year, with around 100 organisations around the world affected, including Shell Oil, the University of California, the Australian Securities and Investments Commission, the Reserve Bank of New Zealand and NSW Health.

Posted in Australian eHealth

Tags: NSW Health

Comments  

0 # Ari Sperlby 2021-06-09 11:31
So:
We don't know when it happened, when it was discovered, whether the breach was used to target other systems, when it was stopped, how many people are affected or what specific data was breached.
It was discovered elsewhere in Dec, affected ASIC in Jan. They're saying it was a "zero-day exploit", so assuming they were breached in Dec / Jan (or they failed to patch / disable the service, and were compromised later), then they uncovered it soon after, it's now taken 6 months to announce it.
Looks like NSW Health have some questions to answer. And when does Strike Force Martine report back (about the impact of the attack on NSW government agencies)?

You need to log in to post comments. If you don't have a Pulse+IT website account, click here to subscribe.

Sign up for Pulse+IT eNewsletters

Sign up for Pulse+IT website access

For more information, click here.

Copyright © 2021 Pulse+IT Communications Pty Ltd
No content published on this website can be reproduced by any person for any reason without the prior written permission of the publisher.
Supported by Social Media Agency | pepperit