cyber Cyber Attack

Monash IVF Group

May 11, 2023 1 min read
Monash IVF Group

Monash IVF Group warned patients that it could not rule out the possibility their personal information has been breached following a widespread cyberattack on staff emails.

During the deliberate phishing assault, it was discovered that scammers gained access to the emails, email addresses, and address books of several staff members.

The organisation announced the initiation of an inquiry by a team of forensic IT professionals to find out how the server was compromised and whether patient personal information was accessed.

In spite of the fact that the inquiry revealed that private patient databases were unharmed, the national reproductive firm warned patients via email on Tuesday afternoon that staff emails containing private patient data, including medical histories, may have been compromised.

Source: https://www.smh.com.au/national/fears-over-patient-data-breach-after-cyber-attack-on-monash-ivf-20191203-p53gj0.html

TPRM report: https://scoringcyber.rankiteo.com/company/monash-ivf

"id": "mon271523",
"linkid": "monash-ivf",
"type": "Breach",
"date": "12/2019",
"severity": "50",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Healthcare',
                        'name': 'Monash IVF Group',
                        'type': 'Organization'}],
 'attack_vector': 'Phishing',
 'customer_advisories': ['Email notification to patients'],
 'data_breach': {'personally_identifiable_information': ['Emails',
                                                         'Email addresses',
                                                         'Address books',
                                                         'Private patient data',
                                                         'Medical histories'],
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Emails',
                                              'Email addresses',
                                              'Address books',
                                              'Private patient data',
                                              'Medical histories']},
 'description': 'Monash IVF Group warned patients that it could not rule out '
                'the possibility their personal information has been breached '
                'following a widespread cyberattack on staff emails.',
 'impact': {'data_compromised': ['Emails',
                                 'Email addresses',
                                 'Address books',
                                 'Private patient data',
                                 'Medical histories'],
            'systems_affected': ['Staff emails']},
 'initial_access_broker': {'entry_point': 'Phishing attack',
                           'high_value_targets': ['Staff emails']},
 'investigation_status': 'Ongoing',
 'motivation': 'Data Theft',
 'post_incident_analysis': {'root_causes': ['Phishing attack']},
 'response': {'communication_strategy': ['Email notification to patients'],
              'third_party_assistance': ['Forensic IT professionals']},
 'threat_actor': 'Unknown scammers',
 'title': 'Monash IVF Group Email Breach',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Human'}
Published by
Roshni Ray
Roshni Ray
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.