Security News Australian Clinical Labs says patient data stolen in ransomware attack


Level 66
Thread author
Honorary Member
Top Poster
Content Creator
Apr 24, 2016
Australian Clinical Labs (ACL) has disclosed a February 2022 data breach that impacted its Medlab Pathology business, exposing the medical records and other sensitive information of 223,000 people.

ACL is an Australian healthcare company that operates 89 laboratories and performs six million tests annually, offering its services to 92 private and public hospitals across Australia.

While the firm says it’s not aware of any misuse of the stolen information, it is notifying all impacted clients individually of what data was exposed in the attack.

A data breach incident notification published today gives the following summary of leaked data:
  • 128,608 Medicare numbers, along with full names.
  • 28,286 credit card numbers, 12% of which include CVV code, and 55% expired.
  • 17,539 individual medical and health records associated with pathology tests.
Australia’s Cyber Security Center (ACSC) and the Office of the Information Commissioner (OAIC) have already been notified about the incident earlier in the year, with ACSC initially warning MedLab that hackers posted their data to the dark web.

All impacted individuals will also be offered free-of-charge credit monitoring and identity theft protection services, while ACL will cover the costs of ID document replacements where needed.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.