Cyber attack on far north Queensland health organisation

Richard Dinnen - Queensland Editor |

The Apunipima health centre at Mossman Gorge, far north Queensland
The Apunipima health centre at Mossman Gorge, far north Queensland

An Indigenous health organisation operating in Far North Queensland says it has been the victim of a cyber attack.

Apunipima said it recently became aware a third party had gained access to its information technology system and may have downloaded information.

Apunipima Cape York Health Council formed as an advocacy group in 1994, becoming a provider of primary health care services in 2006.

It operates five health centres, at Aurukun, Coen, Kowanyama, Napranum and Mossman Gorge, as well as providing services in six Cape York communities.

In a statement, Apunipima said it was aware online posts claiming responsibility for the attack.

“We are also aware of a post on the deep web, a part of the internet not listed by search engines like Google, or easily accessible by the general public by an unidentified third party, claiming responsibility for the unauthorised access.

“We are being supported by leading external advisors to closely monitor this post, and we are taking all appropriate actions in response.

“As soon as we became aware of the incident, we engaged leading external cyber security and forensic I.T. experts to support us in managing the incident.”

Apunipima said it was working to secure its systems and restore function and starting a forensic investigation into the incident.

There are also unverified claims online that the health service had been subjected to a ransomware attack.

The statement said it’s not yet clear if personal or private information has been compromised.

“We are advised that the forensic investigation to determine what precisely has occurred and if any information has been affected will take some time to complete.

Should the forensic investigation confirm that anyone’s personal information may have been affected, we will carefully analyse the potentially affected information.

“We will be notifying individuals in a clear and precise manner, including advising them of any steps they need to take.

“We will ensure all relevant regulators and authorities are notified and kept informed in this regard.

It’s understood Queensland Health has taken precautions to prevent any of its computer systems being affected by the incident.

The Australian Cyber Security Centre has also been notified.

Apunipima said it’s deeply saddened that a third party would target it in this way.

“We are working closely with Queensland Health and other Cape York based service providers.

 “Our number one priority is the continuity of care and health services to the people and communities we serve.”