News and Updates on Information Technology

Australia – Western Australia Department of Health (WA Health)

Exploit: Third Party Data Breach
Western Australia Department of Health: Government Agency

Risk to Small Business: 1.327 = Extreme

The saga continues for WA Health. Cascading complications have increased the severity and the damage from the data breach that we reported on last week. New information has come to light, making this incident involving the agency and its paging service one of the state’s biggest privacy breaches. Thousands of state government communications were published on a public website, including confidential health data like COVID-19 test results for scores of people. More than 400 records including confidential doctor/patient communications, official doctor/health department messages, personal details of patients in quarantine, and extensive case management information were publically exposed. The rapidly expanding incident has grown to impact other health-related state services including St. John Ambulance, the Department of Fire and Emergency Services, and the Department of Justice.

Individual Risk: 1.889 = Severe

While no financial information was reported stolen, a great deal of very specific and highly sensitive personal health data has been compromised. This is especially troubling as COVID-19 anxiety runs high, and may lead to public personal ramifications for patients that were affected as well as lending itself to spear phishing and blackmail attempts.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: The ripple effect of one breach can sometimes be felt throughout an industry, as many services and companies are intertwined. By adding a solid digital risk protection platform to their security plan, businesses can gain a more holistic view of their risks to start patching up holes in security before a problem becomes a disaster.