Compumedics has informed SA Health of the ransomware attack which has taken names, addresses, phone numbers, date-of-birth information, and limited clinical information.
The data of 2254 patients who took part in sleep studies at the Women’s and Children’s Health Network in South Australian has been compromised in a ransomware attack upon software and equipment company, Compumedics.
SA Health announced today that Compumedics informed them of the month-long attack on 17 April, after notifying the ASX on 28 March.
Compumedics told SA Health that following its investigations the files of 2254 WCHN patients are likely to have been among those impacted. Over the past week SA Health has worked to verify this information and identify the patients likely to be impacted.
“On behalf of Compumedics, we are contacting each sleep study patient or family who has been impacted and have also established a helpline on (08) 7111 3699 for anyone who needs additional help or information,” said SA Health CEO Dr Robyn Lawrence.
“As soon as Compumedics revealed the initial national ransomware attack we took immediate action to suspend access to the Compumedics software and related devices from our network.
“Now as soon as we have been made aware that South Australian sleep study patients are likely to be affected, we have taken immediate action to verify that information, notify patients and the public.
“This incident has impacted Compumedics software directly and there is no evidence of a breach of any SA Health operated IT system.”
WCHN is assisting Compumedics by providing a disclosure letter to the patients and families who the vendor has identified as being impacted. According to SA Health, those letters were sent today.
It appears from the information Compumedics has provided that patients who have used the inpatient sleep service at the Women’s and Children’s Hospital since 2018 have been impacted. This includes a small number of patients who are now adults.
Compumedics has advised that no financial information, Medicare numbers or bank account details have been taken. However, names, addresses, phone numbers and date-of-birth information, and limited clinical information have been accessed.
Compumedics has advised that identity theft and potential scams are the biggest risk to patients impacted.
Compumedics provides software for sleep studies and sleep research in hospitals across Australia and internationally. While Compumedics has advised that WCHN it is the only SA public hospital affected, SA Health has not been provided with information of other systems impacted nationally or internationally.
