[BreachExchange] Hackers responsible for Brisbane hospital cyber attack identified

Destry Winant destry at riskbasedsecurity.com
Wed May 12 10:33:56 EDT 2021


https://www.smh.com.au/national/queensland/hackers-responsible-for-brisbane-hospital-cyber-attack-identified-20210506-p57pj4.html

A cyber-attack that technologically crippled two Brisbane hospitals and
several aged care facilities was launched by the same group that targeted
Apple and tried to extort millions, it has been revealed.

The attack forced staff at the Wesley and St Andrews War Memorial hospitals
to switch to manual processes after the organisation was targeted on April
25.

UnitingCare’s operational systems, including internal staff email and
patient operation booking, were affected.

The Wesley Hospital, in Brisbane's inner-west.

UnitingCare confirmed on Wednesday the group claiming responsibility for
the incident had identified themselves as REvil/Sodin.

“Due to the recency of the incident, it is not possible to provide a
resolution timeframe at this stage, however we can confirm that we are
making significant progress towards securing, cleansing, and recovering our
systems,” a statement read.

“Some systems have already been reinstated with cyber security testing now
underway.

“With the assistance of leading experts and advisers, we are conducting a
thorough investigation into whether patient, client, resident or employee
information has been breached.”

REvil, also known as Sodinokibi, is a ransomware group known for attacks on
major organisations across the world.