Prominent aged care and hospital operator UnitingCare has confirmed it has been hit by a ransomware attack launched by a high-profile ring of cybercriminals.
The group is known as REvil/Sodin, and is the group responsible for a number of high-profile hacks, including ransomware attacks launched against tech companies, law firms and healthcare providers in the past.
In their most recent campaign, the networks of aged care and hospital operator UnitingCare was hit by a ransomware attack that has seen its suspension from the nation’s My Health Record system as a precautionary measure.
Get ISO 27001 – Information Security – Certification With Best Practice
A ransomware attack targets an organisation’s network and sensitive information, and encrypts the data, which is made inaccessible even by the owner, until a ransom is paid – usually in the form of crypto currency.
The Australian Digital Health Agency (ADHA) is responsible for operating Australia’s My Health Record system, and confirmed that it closed UnitingCare Queensland’s access to the system as a precaution.
UnitingCare opreates a number of aged care and disability facilities throughout Queensland, as well as Wesley and St Andrew’s hospitals in Brisbane, St Stephen’s hospital in Hervey Bay, as well as the Buderim Private Hospital on Queensland’s Sunshine Coast.
UnitingCare Queensland is yet to confirm the scale of the ransomware attack, but corporate affairs director Matthew Cuming has said that a number of its systems remain inaccessible to hospital and administrator staff.
“With the assistance of leading experts and advisers, we are conducting a thorough investigation into whether patient, client, resident or employee information has been breached,” he said.
“The investigation is continuing and we will continue to keep the people we are for updated in this regard, in addition to employees, regulators and other stakeholders.”
Aged Care, Hospital Operator UnitingCare Hit by Ransomware Attack

Mr Cuming confirmed that UnitingCare has regained a number of key operational areas, but was unable to confirm a timeframe for the entire system coming back online.
According to a report from the ABC, a patient in one of UnitingCare’s facilities “knew immediately there was a problem when the wifi stopped working on April 25, then they notified staff struggling with communication and accessing patient records.”
Privacy Commissioner of Queensland, Philip Green has told the ABC he is not surprised by revelations of the ransomware attack against Unitingcare, stating that “I’ve been saying since my appointment that you really need to be aware and prepared” of cyber risks.
“Telling your employees and making them aware and training them, and having a culture in the organisation that respects and protects privacy, and also is aware of some of the data security risks and issues is really, really important – more than ever now,” he added.
“I know the Queensland Government state hospitals were looking closely at those events and making sure that they weren’t next on the track,” Green said, adding that “the UnitingCare breach that’s not going to be unique and other hospitals have to be vigilant about that and other healthcare systems too, to avoid that from happening to themselves.”