What happened
In August 2023 the Victorian anatomical-pathology provider TissuPath was breached through a third-party IT provider, exposing scanned pathology referrals and patient details — names, dates of birth, Medicare and health-insurance data, and referrals noting suspected or confirmed cancer diagnoses [tp-cd], [tp-pit]. TissuPath notified the OAIC and ACSC.
Current status
Disclosed. An attacker claimed a large volume of files; that is a file count, not a count of people, so no number of affected patients is asserted here.
Why it matters
Pathology referrals reveal diagnoses at their most sensitive; a supplier breach exposing them is a serious harm to the patients named.