UnitingCare Queensland said it has restored its "key corporate systems" and re-enabled "many" integrations between systems following a ransomware infection in late April.
The hospital and aged care facility operator said in an update last week that it had “made good progress in bringing ... systems and applications back online”.
It also said that it had “introduced improved security controls across [its] digital environment” in the wake of the attack.
This included “increased process controls and ... a market-leading endpoint detect-and-response (EDR) solution to provide ongoing protection,” it said in a statement dated June 10.
A UnitingCare Queensland spokesperson confirmed to iTnews that the statement is still the most current progress update.
The organisation had previously been unable to advise when it might be able to recover its systems. Its six-and-a-half week ordeal is unfortunately not unusual.
UnitingCare Queensland was a victim of the Sodinokibi/REvil malware, which encrypts files and tries to delete backups before demanding a ransom payment.
The incident took out a range of digital systems and forced facilities to use manual, paper-based workarounds.
The organisation said it continued to work with “third-party incident response and threat eradication specialists to ensure integrity across our digital environment”.
“We have taken rigorous measures to identify, contain and eradicate the threats responsible,” it said.
“UnitingCare continues to work closely with leading external technical and forensic advisors and the Australian Cyber Security Centre to respond to the incident.”
It added that it had “instructed external legal advisors to assist with responding to the incident from a privacy perspective”, though it said that “based on [its] assessment to date, there is no evidence that the health and safety of patients, residents or clients has been in any way compromised as a result of this cyber incident.”
