The IT systems of at least two Brisbane aged care facilities and two hospitals remained inoperable on Tuesday, following a Sunday cyber attack that has forced staff to switch to manual processes.
UnitingCare Queensland facilities, including the Wesley and St Andrews War Memorial Hospitals, were targeted and it remains a mystery as to when their digital and technology systems will be restored.
“We can confirm that the external group claiming responsibility for this incident has identified themselves as REvil/Sodin,” UnitingCare said in a statement.
The organisation said it immediately notified the Australian Cyber Security Centre following Sunday’s hack, along with several leading external technical and forensic advisors.
UnitingCare said where necessary, manual back-up processes are in place to ensure continuity of most of its services.
Where manual processes cannot be implemented, services are being redirected or rescheduled accordingly.
“… it is not possible to provide a resolution timeframe at this stage, however we can confirm that we are making significant progress towards securing, cleansing, and recovering our systems,” UnitingCare said.
It is believed the organisation’s operational systems, including internal staff email and patient operation booking, were impacted.
“With the assistance of leading experts and advisors, we are conducting a thorough investigation into whether patient, client, resident or employee information has been breached.
“This investigation is continuing and we will continue to keep the people we care for updated in this regard, in addition to employees, regulators and other stakeholders.
“Updates on this matter will be posted to our organisation’s multiple websites as we gain greater clarity on the incident and the likely resolution timeline.”