UnitingCare Queensland restores key systems after ransomware attack

By

Says 'many' system integrations have also been re-enabled.

UnitingCare Queensland said it has restored its "key corporate systems" and re-enabled "many" integrations between systems following a ransomware infection in late April.

UnitingCare Queensland restores key systems after ransomware attack

The hospital and aged care facility operator said in an update last week that it had “made good progress in bringing ... systems and applications back online”.

It also said that it had “introduced improved security controls across [its] digital environment” in the wake of the attack.

This included “increased process controls and ... a market-leading endpoint detect-and-response (EDR) solution to provide ongoing protection,” it said in a statement dated June 10.

A UnitingCare Queensland spokesperson confirmed to iTnews that the statement is still the most current progress update.

The organisation had previously been unable to advise when it might be able to recover its systems. Its six-and-a-half week ordeal is unfortunately not unusual.

UnitingCare Queensland was a victim of the Sodinokibi/REvil malware, which encrypts files and tries to delete backups before demanding a ransom payment.

The incident took out a range of digital systems and forced facilities to use manual, paper-based workarounds.

The organisation said it continued to work with “third-party incident response and threat eradication specialists to ensure integrity across our digital environment”.

“We have taken rigorous measures to identify, contain and eradicate the threats responsible,” it said.

“UnitingCare continues to work closely with leading external technical and forensic advisors and the Australian Cyber Security Centre to respond to the incident.”

It added that it had “instructed external legal advisors to assist with responding to the incident from a privacy perspective”, though it said that “based on [its] assessment to date, there is no evidence that the health and safety of patients, residents or clients has been in any way compromised as a result of this cyber incident.”

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:

Most Read Articles

Services Australia's sweeping security uplift plans for myGov

Services Australia's sweeping security uplift plans for myGov

Medibank allegedly missed EDR alerts before data breach

Medibank allegedly missed EDR alerts before data breach

Northern Beaches Council reviews security stack to shore up widening perimeter

Northern Beaches Council reviews security stack to shore up widening perimeter

CrowdStrike rejects Delta Air Lines claims over outage

CrowdStrike rejects Delta Air Lines claims over outage

Log In

  |  Forgot your password?