Cyber-attacks on a number of Victorian hospitals could have been prevented if the Andrews Labor Government had implemented recommendations of an Auditor General report from May which warned the State’s hospital systems were ‘highly vulnerable’ and needed urgent action.
In May 2019, the Victorian Auditor General handed down a scathing report against the Andrews Government into Security of Patients’ Hospital Data. The report found:
Specifically, the audit found “significant weaknesses in how the Rural Health Alliance and the audited health service manage data security” and that DHHS was currently reviewing joint-venture agreements for Rural Health Alliances.
The audit followed an attack in February 2019 where a cardiology service provider located within a Melbourne private hospital experienced a ransomware attack.
In that case, a cybercrime group gained access to the cardiology patient system, encrypted approximately 15 000 patient files, and demanded a ransom in exchange for a password to fix the data. Media reports indicated that the cardiology provider was unable to access some patient files for more than three weeks, and that patients arrived for appointments that had been deleted.
Comments attributable to Shadow Minister for Health, Georgie Crozier:
“Daniel Andrews and Jenny Mikakos were warned 125 days ago that Victoria’s public health system was highly vulnerable to cyber-attack and today they must explain to Victorians why a significant breach has occurred.
Victorian patients deserve to have full confidence in our health system and that this attack has not occurred because key warnings were ignored.
With Victoria’s health and hospital networks currently facing significant financial pressures and ongoing cuts, the Andrews Labor Government must also confirm that no shortcomings to online security have occurred due to Labor’s health cuts.”
Please download this press release as a PDF