Cyberattacks have evolved from the days of being mere malware and viruses to the new generation of ransomware attacks. When hackers manage to gain access to sensitive information, they force the organization to pay a ransom to not leak and to safeguard their integrity.
On Anzac Day, a cyberattack was purposefully triggered towards Australia’s Family Planning New South Wales. Reports confirmed that more than 8,000 patient records were inside the hacked servers. The personal information and medical history of thousands were at risk.
The hackers demanded that the hospital paid $15,000 in Australian dollars and the ransom be paid using Bitcoins so as to mask their identity.
Family Planning NSW: A Sensitive Breach That Concerned Many
Medical records are always sensitive as people wouldn’t want them going out to the public. The situation is much more complicated in this case because Family Planning NSW is an exponentially large sexual health clinic in Australia and has thousands of patients visiting them throughout the year.
The medical institution has to deal with a whole lot of sensitive information and when their database was hacked by exploiting a loophole, most were concerned by the fact that their personal information could go online in the hands of hackers.
According to the official reports from the organization, the medical records internally used by doctors were not compromised. They further added that it is obvious that the clients who shared their personal information, contact details and medical conditions when seeking an appointment may fear a huge breach.
The attackers couldn’t access the internal records as they were not connected to the database. It was also clarified that their intention was not to steal data but they wanted to expose the vulnerabilities.
A Reassuring Statement Issued
Family Planning NSW Chief Executive Ann Brassil offered her apology to all the clients of the organization. She clarified that this was not the only attack but a series of attacks that took place on Anzac Day.
The target was not the sexual well-being center or any medical records in particular but rather was financially-motivated to target vulnerabilities in technology. The hackers threatened the organization that if they didn’t pay the $15,000 ransom, they will completely shut down the website and delete all the databases associated with it.
During the time when the statement was issued by Brassil, the IT team behind the organization shut down the website manually to stop any further attacks from taking place.
The FPNSW didn’t confirm whether they paid the ransom or not but there was a timer on the website which threatened to delete everything if the sum was not paid. Being a relatively meager amount, it may have been transacted to avoid the ransomware from doing further damage, but the Family Planning center didn’t comment on its status.
Increasing Ransomware Threats Using Bitcoins
While Family Planning New South Wales has officially managed to come out of the situation and sent an email to all their 8,000 clients assuring the safety of sensitive information, there is a significant increase in the amount of such attacks in other organizations. Brassil further added that the hacking attempt was not so sophisticated and they managed to overcome it quickly while keeping their data safe.
Hackers around the globe are targeting banks, hospitals and other sensitive industries where a data breach could lead to a huge setback.
In almost every such ransomware attack, the hackers demand the ransom to be paid in Bitcoins to keep their identity from getting exposed. It has created a disturbing reputation of the cryptocurrency which has huge potential but is often being used in the dark web and for such illegal activities.
Some organizations managed to outwit the attackers with proper data backups while most ended up paying whatever ransom they demanded.
Governments around the world are working closely with banks and other financial institutions to streamline cryptocurrency. If Bitcoin comes under regulation, it is expected that hackers trying to demand ransom by making use of the situation may slowly stop doing it as they may not be able to accept such payments with complete anonymity.