Threat Report — Australian Healthcare 2025–26

Before its your Breach

In twelve months, a single ransomware attack exposed 12.9 million prescription records — roughly half the Australian population. Oncology scans from a Sydney radiology practice were published on the dark web. A community pharmacy's methadone treatment records were posted openly for anyone to download. Ransomware incidents against Australian healthcare doubled in a single financial year. Every one of these breaches was preventable.

 

Real incident analysis — MediSecure, Spectrum Medical Imaging, Toowoomba Friendlies, and more. Every breach dissected with timelines, attack vectors, and the specific controls that were missing.

The human cost made concrete — a ransomware attack on an NHS pathology provider contributed to a patient death. Healthcare breaches don’t just leak data. They endanger lives.

What would have changed — each breach re-examined against the architecture that would have contained it. No ambiguity. No abstraction. No hypotheticals.

Get the Report

28 pages. Three real breaches. Zero fluff.