A major cancer treatment centre has been targeted by hackers, with the group giving the centre just seven days to fork over $100,000 or risk personal data being released online.
NSW Health was alerted to a ransomware threat at the Crown Princess Mary Cancer Centre at Sydney’s Westmead Hospital late on Thursday.
Twitter account FalconFeedsio released a statement about 3pm by Medusa, a group purporting to be behind the attack.
“Medusa ransomware group added The Crown Princess Mary Cancer Centre based in Australia to their victim list,” the statement claimed.
“They claims to publish organisations data in seven days.”
An image attached to the statement displayed an $100,000 fee to download or delete data, as well a $10,000 fee to “add time one day”.
The Medusa group is believed to have emerged in June 2021 and has been highly active in the Australia and the Pacific.
The Crown Princess Mary Cancer Centre is part of the Sydney West Cancer Network and provides fully integrated research, prevention, diagnostics, treatment, and rehabilitation programs for patients and families coping with cancer.
A spokesman for NSW Health said officials were investigating the suspected attack, but claimed it had not appeared to have impacted any NSW Health databases or the databases of the Crown Princess Mary Cancer Centre databases.
“The safety and security of all NSW Health systems remains of highest importance and is continually monitored and safeguarded,” the spokesman said.
“NSW Health works closely with state and federal Government cyber security agencies to ensure that any cyber event is prevented, detected and responded to in the most appropriate manner.”
The suspected attack comes after a string of high-profile cyber attacks, including a 2022 attack on Medibank.