The Australian healthcare sector experienced the most significant impact from cyberattacks over the past year, according to new research, which also highlights a worsening cyber threat landscape. A report from CyberCX, the country’s largest cybersecurity firm, indicates that healthcare accounted for 17% of all cyberattacks in Australia in 2024, followed by financial services at 11% and education at 8%.
In April, a major breach involving electronic prescription provider MediSecure compromised the data of approximately 12.9 million Australians, marking one of the largest cyberattacks in the nation’s history. The attack resulted in the theft of around 6.5 terabytes of sensitive information, including names, addresses, and insurance numbers, which were later found for sale on a Russian hacking forum. MediSecure subsequently appointed liquidators and entered administration in June.
This incident followed a December 2023 cyberattack on St Vincent’s, Australia’s largest not-for-profit health and aged care provider, and a breach at Medibank that exposed the personal details of 9.7 million current and former customers on the dark web. Current statistics suggest that at least half of the Australian population has been affected by a data breach, although the precise percentage is hard to determine.
Hamish Krebs, Executive Director of Digital Forensics and Incident Response at CyberCX, noted that the most affected sectors are those that handle large volumes of sensitive personal data, with healthcare being the most vulnerable. CyberCX has collaborated with Medibank, St Vincent’s, DP World, and Latitude in responding to their cyber incidents.
Krebs emphasized that despite the efforts of cybersecurity defenders over the past year, the global cyber threat landscape continues to decline. He pointed out that attackers are adapting their strategies and increasing the frequency of their assaults. The healthcare sector, in particular, presents unique challenges; for instance, it is common to find unlocked computers in hospitals, with passwords often displayed on monitors to facilitate quick access for medical staff.
Last year, the Federal Court heard allegations from The Office of the Australian Information Commissioner regarding a Medibank IT service desk operator who had saved his credentials for multiple accounts in his personal internet browser on a work computer. This contractor’s admin account was compromised by a hacker, granting access to a significant portion of Medibank’s systems.
The report also highlighted that business email compromise (BEC) remains the most prevalent type of incident in 2024. BEC is a phishing attack that employs formal or creative tactics to deceive victims.
