“I am working with agencies across the Australian government, states and territories to co-ordinate a whole-of-government response to this incident,” she said.

“The Australian Signals Directorate’s Australian Cyber Security Centre is aware of the incident and the Australian Federal Police is investigating.

“We are in the very preliminary stages of our response and there is limited detail to share at this stage, but I will continue to provide updates as we progress, while working closely with the affected commercial organisation to address the impacts caused by the incident.”

Cybersecurity Minister Clare O’Neil urged people not to speculate on the company involved in the breach.

The minister wrote on social media site X, formerly known as Twitter, that she had been briefed on the incident earlier in the week and the government had convened a National Coordination Mechanism on Thursday.

“Updates will be provided in due course. Speculation at this stage risks undermining significant work under way to support the company’s response,” she wrote.

O’Neil said McGuinness was leading the work to support the company to manage the incident.

No data has yet appeared online and no ransomware group has claimed responsibility for the hack.

Sadiq Iqbal, cybersecurity adviser at Check Point Software Technologies, said the ransomware attack was particularly concerning given it was a major healthcare provider supplying critical services.

“The healthcare industry continues to be a top target to organised cybercriminals due to the sensitive services it supplies,” Iqbal told this masthead.

“It is, however, encouraging to see that the ASD is on top of the situation and assisting with the response and providing transparency throughout the process.”

Iqbal said that while it was probably too early to diagnose the cause of the breach, Australia’s healthcare industry could learn a lot from the United States and its regulatory compliance requirements for the sector. “Due to the lack of budgets and reliance on antiquated out-of-support Windows devices that power many of the critical medical technology, healthcare providers will frequently be an easy target for sophisticated threat actors.”

Loading

The breach comes six months after the nation’s largest not-for-profit health and aged care provider, St Vincent’s Health, sustained a cyberattack with hackers stealing data from its network.

It also comes nearly two years after Australia’s largest health insurer Medibank suffered a data breach in which nearly 10 million customers had personal information, including names, dates of birth, addresses and phone numbers, compromised.

It was one of the worst cyber breaches ever reported, and the alleged perpetrator was detained in Russia.

Australia late last year dropped plans to ban companies from making ransomware payments, instead opting to introduce mandatory reporting obligations.

“Every time a ransom is paid, we are feeding the cybercrime problem,” O’Neil said in November.

“Now, we are in a situation in our country where it is clearly not the right time at this moment to ban ransoms, and that’s because we haven’t done the hard work.”

The Business Briefing newsletter delivers major stories, exclusive coverage and expert opinion. Sign up to get it every weekday morning.