Key Takeaways
- A ransomware attack on the online health portal Manage My Health has put the data of over 120,000 patients at risk.
- The hackers, known as ‘Kazu’, demanded a $US60,000 ransom and threatened to leak over 400,000 files if the payment was not made within 48 hours.
- The deadline for the ransom has passed, but no further data has been leaked.
- The General Practice Owners’ Association is calling for Manage My Health to inform patients and GPs about who has been affected and what information has been taken.
- An urgent review into the breach has been announced by Health Minister Simeon Brown.
Introduction to the Hack
The online health portal Manage My Health has been the victim of a ransomware attack, with hackers demanding a $US60,000 ransom in exchange for not leaking over 400,000 files. The hackers, who call themselves ‘Kazu’, posted on Sunday morning that they would leak the files if the ransom was not paid within 48 hours. The deadline for the ransom has now passed, but no further data has been leaked. This has left patients and GPs anxious to know whether they have been affected by the hack and what information has been taken.
Impact on Patients and GPs
The General Practice Owners’ Association chairperson, Angus Chambers, has expressed concern about the impact of the hack on patients and GPs. He stated that many patients are worried that their privacy has been breached, and they still do not know if their data has been stolen. This has created a lot of anxiety and work for GPs, who are receiving a lot of queries and requests for explanations. Chambers believes that it is Manage My Health’s responsibility to inform patients and GPs about who has been affected and what information has been taken. He emphasized that GPs are involved to a degree, but it is ultimately Manage My Health’s job to communicate with patients and GPs.
Response from Manage My Health
Manage My Health has apologized for the pain and anxiety caused to health providers and patients, and acknowledged that it could have communicated better. The company stated that its priority was to secure patient data and work on the accuracy of all information before providing it to practices and patients. Manage My Health has also announced that it will publish daily updates with all the information it can share. However, the company has refused to comment on the ransom demand, stating that it is a matter for the police. This response has been met with criticism from the General Practice Owners’ Association, which believes that Manage My Health should be more transparent about the hack and its impact on patients and GPs.
Cyber Security Concerns
The hack has highlighted the importance of cyber security in the healthcare industry. Chambers emphasized that practices must be prudent about cyber security and protecting their patients’ data. However, he noted that it is not as simple as switching platforms, as Manage My Health is closely connected with practice management software. Changing this would be a massive job, and would require significant resources and investment. This highlights the need for healthcare providers to invest in robust cyber security measures to protect patient data and prevent similar hacks in the future.
Government Response
The Health Minister, Simeon Brown, has announced an urgent review into the breach. This review will aim to determine the cause of the hack and identify measures to prevent similar breaches in the future. The review is a welcome step, but it is unclear what actions will be taken to support patients and GPs who have been affected by the hack. The General Practice Owners’ Association is calling for more transparency and communication from Manage My Health, and for the company to take responsibility for the hack and its impact on patients and GPs.
Conclusion
The hack on Manage My Health has highlighted the importance of cyber security in the healthcare industry. The impact on patients and GPs has been significant, with many anxious to know whether they have been affected and what information has been taken. Manage My Health’s response has been criticized for lacking transparency, and the company must do more to communicate with patients and GPs. The urgent review announced by the Health Minister is a welcome step, but it is unclear what actions will be taken to support those affected by the hack. Ultimately, the hack on Manage My Health is a wake-up call for the healthcare industry to invest in robust cyber security measures to protect patient data and prevent similar breaches in the future.