Data Of Patients, Employees Compromised

WS Audiology, ranked as the third-largest global hearing aid company and the second-largest in Denmark, has been hit by a cyberattack, compromising sensitive personal data. According to a report published by MedWatch, the WS Audiology breach impacted its IT systems in Australia, New Zealand, Singapore, and Hong Kong.

WS Audiology’s Hong Kong office first identified the breach on July 5, 2024. The company is yet to assess the full scope of the data breach or its financial repercussions. However, WS Audiology expressed in their communication with MedWatch, “At this time, we cannot provide specific numbers, but we are doing everything we can to manage the situation and protect everyone affected.”

WS Audiology Breach Details

In its security update, WS Audiology said, “As at the date of this notice, we know there was unauthorised access by the threat actor, but as soon as we became aware of the incident, we took immediate steps to contain the incident and secure our systems. Our response team is working hard to investigate and identify what personal information has been affected by this incident.

“As a responsible corporation, we have notified the incident to the Office of the Privacy Commissioner of Personal Data. We are actively liaising with the authority and will continue to do so until this matter is resolved,” it wrote.

Russian Ransomware Group Behind WS Audiology Breach?

According to a report by Computerworld, the Russian-speaking group “Blacksuit” is responsible for the ransomware attack and is now blackmailing the company by threatening to leak the compromised personal data. The stolen information includes patients’ names, birth dates, gender, addresses, phone numbers, email addresses, health information, audiologist details, hearing aid information, and visit data. Additionally, salary and bank account details of both current and former employees were accessed.

The announcement from WS Audiology also indicates that it remains unclear whether the attack has infiltrated deeper into the company’s systems. The company assured in its Hong Kong announcement, “Investigations are ongoing, and we are still assessing the categories of information that may be affected. We will provide further updates on the affected categories of information and any risks we identify as we learn more.”

“We know this is a concerning development but rest assured your privacy and security are of utmost importance to us. We sincerely apologize for any distress this incident may have caused,” it added.

Not the First Cyberattack

This is not WS Audiology’s first encounter with a cyberattack. Back in November 2019, after the merger of Sivantos and Widex to form WS Audiology, the company experienced another breach. That malware attack targeted the Sivantos network before its integration with Widex, leading to a shutdown for a day and a half. The attack caused significant disruptions in production, order processing, and invoicing, ultimately hurting the company’s financial performance.

The 2019 cyberattack on WS Audiology followed shortly after a similar attack on its competitor, Demant, which resulted in emergency shutdowns of critical IT systems and cost Demant between DKK 550–650 million (USD 81–96 million). Following Demant’s breach, WS Audiology urged its employees to be cautious about cybercrime, especially with suspicious emails or links, a warning that remains relevant today.

Currently, WS Audiology is reiterating those same warnings, advising its staff and customers to stay vigilant in their online activities.

“We urge you to be vigilant regarding all online and phone communications and transactions. As a precautionary measure, please updating your passwords and activating multi-factor authentication wherever possible, and maintaining good online security practices, including avoiding opening messages or clicking on links from unknown senders. If you believe that you may be impacted by the incident, please monitor our website for further updates,” it said.

Related