🔒breach.co.nz · the NZ & Australia breach register 🛡️ A Govern service
Register › 🇦🇺 AU › Healthcare
Healthcare sector · leaderboard
Own the Healthcare leaderboard
The top banner across the Healthcare overview and every Healthcare record — one advertiser, exclusively.
Own this leaderboard → breach@govern.co.nz

TissuPath

🇦🇺 Melbourne, VIC · TissuPath Pty Ltd · Record AU-2023-0831
○ Reported — awaiting official confirmation
Reported — awaiting official confirmation. The facts below are drawn from the organisation's own disclosure and credible reporting. Figures are as reported; unknowns are labelled, not estimated by us.
People affected
Not disclosed
Breach date
2023-08
Regulator
OAIC and ACSC notified
Trust tier
B · Reported

Data exposed

Names, dates of birth, gender, phone, address, Medicare numbers, health-insurance details, referring-doctor information and scanned pathology referrals — including suspected or confirmed cancer diagnoses Company-confirmed

Confidence: Confirmed = regulator/court · Company-confirmed = the organisation's own disclosure · Media-reported = press. Figures without an official source are labelled, not estimated.

What happened

In August 2023 the Victorian anatomical-pathology provider TissuPath was breached through a third-party IT provider, exposing scanned pathology referrals and patient details — names, dates of birth, Medicare and health-insurance data, and referrals noting suspected or confirmed cancer diagnoses [tp-cd], [tp-pit]. TissuPath notified the OAIC and ACSC.

Current status

Disclosed. An attacker claimed a large volume of files; that is a file count, not a count of people, so no number of affected patients is asserted here.

Why it matters

Pathology referrals reveal diagnoses at their most sensitive; a supplier breach exposing them is a serious harm to the patients named.

GGOVERN Tabletop Exercises · Govern house When ransomware hits the ward, will your team know the call? Book a Discovery Call →