The ThreeAM ransomware operation claims it hacked the healthcare standards body – but it only has data belonging to a Victorian medical centre.
The Australian Medical Council (AMC) has said it was not the victim of a ransomware attack after it was listed as a victim on the darknet site of the ThreeAM hacking group.
The AMC was one of a dozen victims listed on the site on 12 June.
However, it appears the hackers – and several open-source threat feeds that took the hackers at their word – appear to have either mistaken the data in their possession or were deliberately hyping its importance.
“The AMC is aware of the claims made by ThreeAM that they have published data obtained from the AMC. The AMC has reviewed the data and [is] confident that this is not AMC data and that there has been no data leakage from the AMC,” an AMC spokesperson told Cyber Daily.
“The AMC has no role in the delivery of health services and does not hold any patient data.”
Nonetheless, the AMC said it has reported its findings to the Australian Cyber Security Centre.
ThreeAM has already published the entire data set, and multiple documents feature the letterhead of the Aghapy Medical Centre in Victoria, as well as several personal files belonging to one of its general practitioners. The documents include details of business processes, blank forms, and general correspondence, as well as patient complaints and the transfer of patient records.
No patient records appear to be included in the data.
Cyber...
A heated debate broke out in parliament after National Citizen Party (NCP) MP Abdul Hannan Masud accused the prime minister of making “false” claims while criticising the opposition’s position on ...