Date Posted: 19/09/2020
The cyber attack Anglicare Sydney has experienced is part of increased illegal cyber activity targeting the Australian health and aged care sectors alongside other sectors seeking to obtain funds via ransomware activity.
Anglicare Sydney had an incident response plan in place for this type of scenario whereby we could remediate with off-site backup systems and would not entertain engaging with cyber criminals.
Once the cyber attack was detected, Anglicare Sydney immediately embarked on remediation and investigation including the engagement of cyber security experts. A formal forensic investigation by third parties is still ongoing.
At this stage, there is no current evidence that data has been stolen. We have identified 17GB of data transmission to a remote location and this forms part of the forensic investigation in progress. It is therefore premature to speculate on the impact.
We immediately notified our third-party partners, including government agencies as required by agreements and legislation, along with relevant regulatory bodies. They’ve all responded as needed, including withdrawing access to their systems, resetting passwords and other security measures.
We have strengthened our existing cyber security measures alongside implementing the Australian Cyber Security Centre’s best practice and recommended cyber security precautions to our key stakeholders. We were already underway in implementing the Essential 8.
We have also notified the NSW Police and the Australian Signals Directorate.
Staff were notified immediately and continue to be kept up to date on activity.
The ransomware impacted Anglicare Sydney’s systems and not Government systems.
The attack has only affected Anglicare Sydney and no other Anglicare agency across Australia.
We appreciate the support from government, our partners, and law enforcement during this time, especially as incidents of cyber attacks increase and become more sophisticated.
Public Affairs Manager
0429 569 278