πŸ”’breach.co.nz Β· the NZ & Australia breach register πŸ›‘οΈ A Govern service
Register β€Ί πŸ‡¦πŸ‡Ί AU β€Ί Healthcare

I-MED Radiology Network

πŸ‡¦πŸ‡Ί Australia Β· I-MED Radiology Network Β· Record AU-2024-0166
● Confirmed
People affected
Not disclosed
Breach date
2024-09
Regulator
OAIC
Trust tier
A Β· Confirmed

Data exposed

Patient records and imaging referral information (tens of thousands of files) Media-reported

Confidence: Confirmed = regulator/court Β· Company-confirmed = the organisation's own disclosure Β· Media-reported = press. Figures without an official source are labelled, not estimated.

What happened

In 2024 it emerged that patient files from I-MED Radiology Network β€” Australia’s largest medical imaging provider β€” had been exposed, with tens of thousands of files reportedly accessible using details shared online for around a year [crikey-imed]. The OAIC undertook preliminary inquiries into the matter [oaic-imed]. The number of individuals affected was not officially quantified and is not estimated here.

Timeline

  • 2024-09 β€” Exposure of I-MED patient files reported [crikey-imed].
  • 2024 β€” OAIC conducted preliminary inquiries [oaic-imed].

Current status

Subject to OAIC preliminary inquiries; figures are as reported. [oaic-imed]

Why it matters

Diagnostic imaging is some of the most sensitive health data there is, held by a single national provider β€” a concentration of risk the regulator took an interest in.

GGOVERN Tabletop Exercises Β· Govern house When ransomware hits the ward, will your team know the call? Book a Discovery Call β†’