This is a work in progress. While we strive for accuracy, some breach details may be incomplete or pending verification.

Quantum Radiology

Summary

Quantum Radiology, an imaging and diagnostics provider operating 10 clinics across Sydney, fell victim to a ransomware attack on 22 November 2023 that encrypted patient data including medical images, reports, and government health identifiers. The incident was initially attributed to a configuration error but was later revealed as a targeted ransomware attack.

What Happened

On 22 November 2023, an "unauthorized third party" breached Quantum Radiology's IT system and encrypted its contents, including sensitive patient information. The company initially told patients and the media that the disruption was caused by a configuration error, only later admitting it was a sophisticated ransomware attack.

The encrypted data included patient records spanning multiple years, stored on the company's main systems. In July 2024—more than seven months after the attack—Quantum announced it had successfully decrypted its main IT systems and recovered "the majority" of patient records and reports.

Impact on Individuals

The ransomware encrypted data including:

  • Medicare, Centrelink, and Veterans Affairs card information
  • Patient names and identifying information
  • Medical imaging scans and radiology reports
  • Contact details and claim information

Quantum confirmed it does not collect or store:

  • Credit card data
  • Scanned copies of Medicare cards or other identity documents

The breach created significant disruption for patients who needed access to their medical imaging for ongoing treatment. The extended timeline for data recovery meant some patients faced delays in medical care while waiting for their records to be restored.

Organisational Response

Quantum Radiology engaged IDCARE, Australia's national identity and cyber support service, to assist affected individuals. The company committed to contacting patients directly by post no later than 31 July 2024 if their Medicare, Centrelink, or Veteran Card information was current and unexpired at the time of the breach.

Recovery Timeline:

  • 22 November 2023: Ransomware attack occurs
  • January 2024: Company publicly acknowledges incident
  • July 2024: Main systems decrypted, majority of records recovered
  • July 2024: Patient notification process begins

The company's initial mischaracterization of the incident as a "configuration error" drew criticism, with employees reportedly being harassed by attackers during the incident. The extended recovery period highlighted the devastating impact ransomware can have on healthcare providers and patient care.

In June 2024, Quantum appointed administrators, raising concerns about the company's financial viability following the significant costs of incident response and system recovery.

[extra.impact] affected_individuals = 0 individuals_note = "" data_volume_gb = 0 record_count = 0 financial_cost_total = 0 ransom_demanded = 0 ransom_paid = 0 estimated_remediation = 0 downtime_hours = 0 downtime_note = "" +++

Verification Source: View original statement