Questions deepen over St Vincent’s, Victorian courts hacks


“We know that our staff, patients, residents, partners and the public want to know the status of the investigation. They particularly want to understand what, if any, sensitive personal information has been stolen by the cyber criminals,” a spokesman for St Vincent’s Health said in a statement.

“We recognise that it may be frustrating and difficult to hear that this work is ongoing and that answers are not yet clear. We also feel that frustration.

“While we are continuing to conduct extensive digital forensic analysis, this work has been made more complex because the cyber criminals undertook anti-forensic measures to obscure their activities within our networks.”

Investigators are working to determine what data has been stolen.Credit: Peter Rae

The spokesman said St Vincent’s is continuing to work with cybersecurity specialists CyberCX as well as agencies including the Australian Cyber Security Centre, the national cyber security co-ordinator, the Australian Federal Police and the Office of the Australian Information Commissioner.

“At this stage of this investigation, there is no evidence that any sensitive personal information has been stolen from our network. However, if this changes, St Vincent’s will activate a comprehensive response plan and offer support services to those affected.”

Sentonas said that it hasn’t been a great 12 months for Australia when it comes to cybersecurity, and we can expect 2024 to be even more severe.


According to the Australian Signals Directorate, an intelligence agency, more than 127,000 hacks against Australian servers were recorded between the 2022 and 2023 financial years, an increase of more than 300 per cent over the prior year. Tens of millions of Australians have been caught up in recent breaches including customers of Optus, HWL Ebsworth, Latitude Financial, Medibank, DP World and Dymocks, in what’s being dubbed a ‘new normal’ of consistent attacks.

“What we’re seeing is this is a problem that’s only getting worse in Australia,” he said. “But the government is doing a much better job of highlighting the issue and bringing the conversation into the mainstream.

“What I’d like to see is more conversations about how to deal with it before an issue happens. How do we create a country where its organisations have got this under control, because it’s only going to get worse. I want to work on how we focus on protecting small and medium businesses because they do not have the skills, the resources or the budget of big banks or telcos. How do we help them with hygiene and be proactive to make sure they’re not being breached and have issues with identity theft and financial theft?”

Questions are also persisting about last month’s hack of Court Services Victoria, in which court hearing recordings and sensitive testimony were potentially stolen.

Experts say that intrusion was likely financially motivated, with the hackers leaving a ransom note which threatened the leak of stolen data unless a ransom is paid.

As this masthead previously reported, witnesses whose sensitive testimonies about sexual abuse or underworld figures could be leaked online after a hack of the Victorian court archive system are unable to apply for compensation through the state’s privacy watchdog.

“The nature of the alleged stolen data is cause for concern, though those seeking to profit from its theft may find it next to exceedingly difficult to extract a ransom,” Australian cybersecurity research group CyberKnow said in a report.

“On one hand, given the right motivation, it is highly likely that a threat actor could extract useful information that would otherwise be struck from a court record such as names and business accounts.


“With that being said, the value of the alleged stolen data is dependent on the threat actor accurately determining its value. Australian court cases are notoriously long, and laden with legal jargon. A threat actor seeking to evaluate the true value of court case recordings will likely require an advanced understanding of the Australian legal system and thousands of hours to pore through recordings to find interesting or valuable information.”

The Australian government pledged not to pay ransom demands at the Counter Ransomware Initiative summit in San Francisco, ruling out the option that Court Services Victoria has paid the cyber criminals.