Incident: SA Health patients caught up in data breach of third-party platform Personify Care | ABC News (Australia)
Australian Patient Data, 28 October 2023
SA Health patients caught up in data breach of third-party platform Personify Care
Health information of 121 patients and the names and phone numbers of about 12,000 others was deleted by an “unauthorised third party”
Thousands of South Australian public health patients are being contacted over a data breach of a third-party run portal. The cyber security incident affected mobile app provider Personify Care, which works with SA Health to deliver digital patient pathways.
The breach resulted in the deletion of a folder containing the health information of 121 patients and contact details of 12,624 patients. The hackers claimed that they tried to negotiate with the company, but the company refused to pay the ransom or fix the security issues.
Dr Lawrence described it as a “disappointing incident” but said patients should continue to use Personify Care. “At this stage our advice is that there’s no evidence that information has actually been taken away and it’s certainly not visible on the dark web through the processes that the digital agencies used,” she said.
Personify Care has notified the affected individuals and the Office of the Australian Information Commissioner. SA Health has confirmed the breach.