🔒breach.co.nz · the NZ & Australia breach register 🛡️ A Govern service
Register › 🇦🇺 AU › Healthcare
Healthcare sector · leaderboard
Own the Healthcare leaderboard
The top banner across the Healthcare overview and every Healthcare record — one advertiser, exclusively.
Own this leaderboard → breach@govern.co.nz

St Vincent's Health Australia

🇦🇺 Australia (national) · St Vincent's Health Australia · Record AU-2023-0311
○ Reported — awaiting official confirmation
Reported — awaiting official confirmation. The facts below are drawn from the organisation's own disclosure and credible reporting. Figures are as reported; unknowns are labelled, not estimated by us.
People affected
Not disclosed
Breach date
2023-12
Regulator
Australian Cyber Security Centre; National Office of Cyber Security
Trust tier
B · Reported

Data exposed

Data removed from the network — types and scope under investigation Company-confirmed

Confidence: Confirmed = regulator/court · Company-confirmed = the organisation's own disclosure · Media-reported = press. Figures without an official source are labelled, not estimated.

What happened

In December 2023 St Vincent’s Health Australia — one of the country’s largest not-for-profit health and aged-care providers — disclosed a cyberattack in which data was removed from its network. The organisation said it was still working to determine exactly what data had been taken [svha-company], [svha-cyberdaily].

Timeline

  • 2023-12-19 — The cyberattack occurred [svha-cyberdaily].
  • 2023-12-21 — St Vincent’s identified that data had been removed from its network and notified government agencies [svha-cyberdaily].
  • 2023-12 — The Australian Cyber Security Centre and National Office of Cyber Security engaged on the response [svha-company], [svha-cyberdaily].

Current status

Under investigation. St Vincent’s did not, at disclosure, publish the scope of data taken or a count of affected people, so no figure is asserted here.

Why it matters

Another major Australian health provider targeted in a run of health-sector attacks — a sector holding some of the most sensitive personal data, and one where disruption carries direct clinical risk.

GGOVERN Tabletop Exercises · Govern house When ransomware hits the ward, will your team know the call? Book a Discovery Call →