CBS Tasmania

Summary

CBS Tasmania, a not-for-profit organisation providing aged care and disability services in Tasmania, suffered a ransomware attack by the Lynx gang discovered on 10 October 2025. The attackers claimed to have stolen client and staff data, posting proof including employee detail forms, organisational documents, tax invoices, and Working with Vulnerable People ID credentials. The incident was contained with no operational impact.

What Happened

CBS Tasmania was listed on the Lynx ransomware gang's darknet leak site in early October 2025, with the gang posting proof of the data breach on 10 October 2025. The sample data published by Lynx included employee detail forms, organisational detail forms with the Tasmanian Department of Health, tax invoices, and a photo of a Working with Vulnerable People ID credential. CBS identified that the compromised data primarily related to staff members with a very limited number of clients affected.

Impact on Individuals

The breach primarily affected CBS Tasmania staff members, with a very limited number of clients also impacted. Compromised data included employee details, Working with Vulnerable People credentials (required for those working with vulnerable populations), organisational documentation, and financial records. The exposure of Working with Vulnerable People ID credentials raised particular concern given the sensitive nature of these child and vulnerable person protection credentials.

Organisational Response

Upon becoming aware of the incident, CBS Tasmania immediately engaged leading cyber security experts for advice and successfully contained the breach. The organisation confirmed that operations continued without disruption, with services to clients maintained throughout the incident. CBS commenced notification of impacted individuals to provide information and advice on steps they could take to minimise risks associated with the data exposure.