Overly Delayed Disclosure of Ransomware Attack at Australian Clinical Labs

November 1, 2022


On October 31, Australian Clinical Labs (ACL) disclosed a February 2022 data breach that impacted its Medlab Pathology business. The breach exposed the medical records and other sensitive information of 223,000 people.

Quantum ransomware gang took responsibility for the attack. 86GB stolen files were uploaded on its Tor site on June 14, 2022. Leaked data included patient and employee details, financial reports, invoices, contracts, forms, subpoenas, and other private documents. According to Quantum ransomware’s website, the data leak page for MedLab has been accessed 130,000 times.

Incident Date

February 12, 2022



Estimated Cost

cost unknown; 86GB data leaked

Type of Malware

Threat Source

No threat source identified