🔒breach.co.nz · the NZ & Australia breach register 🛡️ A Govern service
Register › 🇦🇺 AU › Healthcare
Healthcare sector · leaderboard
Own the Healthcare leaderboard
The top banner across the Healthcare overview and every Healthcare record — one advertiser, exclusively.
Own this leaderboard → breach@govern.co.nz

Regis Healthcare

🇦🇺 Australia · Regis Healthcare Limited · Record AU-2020-0808
○ Reported — awaiting official confirmation
Reported — awaiting official confirmation. The facts below are drawn from the organisation's own disclosure and credible reporting. Figures are as reported; unknowns are labelled, not estimated by us.
People affected
Not disclosed
Breach date
2020-07
Regulator
OAIC and ACSC notified
Trust tier
B · Reported

Data exposed

Personal data copied and, in part, published by the Maze double-extortion group; reporting referenced resident/client and employee information Media-reported

Confidence: Confirmed = regulator/court · Company-confirmed = the organisation's own disclosure · Media-reported = press. Figures without an official source are labelled, not estimated.

What happened

In mid-2020 the ASX-listed aged-care provider Regis Healthcare was hit by the Maze ransomware group, which copied some data and published certain personal information publicly [regis-itnews], [regis-co]. Regis notified the OAIC and ACSC.

Current status

Disclosed. The number of people affected was not disclosed, so none is asserted here.

Why it matters

Aged-care providers hold sensitive resident and staff data; double-extortion ransomware that both encrypts and leaks turns an IT incident into a privacy breach.

GGOVERN Tabletop Exercises · Govern house When ransomware hits the ward, will your team know the call? Book a Discovery Call →