Quantum Radiology, a mostly Sydney-based medical imaging operator attacked at the end of last year, has now decrypted its “main” IT systems and recovered “the majority” of patient records.
The company published an update on its incident response on July 15, seven months after its first notification of the incident that occurred in November last year.
The attack initially forced it to close its clinics and cancel patients’ appointments.
The company said that since the initial incident notification, it had “successfully decrypted our main IT information systems and … been able to conduct an analysis of potentially impacted data.”
“We have been able to recover the majority of patient reports that had been impacted,” it stated.
“We are now in the process of attempting to recover historical scanned images which may take some time.”
The company said that NSW and Commonwealth authorities and law enforcement agencies had been updated “about the latest developments”.
Quantum Radiology also pointed to substantial IT and cyber security work being performed since the incident.
This included a “complete rebuild of server infrastructure”, software upgrades, “increased security controls and security awareness”; “an independent review of our cyber security practices; and a commitment to ongoing cyber security reviews.”