Life Healthcare Group, a private healthcare company listed on the Johannesburg Stock Exchange (JSE) that operates private hospitals in South Africa and Botswana, has stated that their IT systems suffered "a targeted criminal attack." According to the company, the attack affected its hospital admissions systems, business processing systems, and e-mail servers.

The company has also said that it is still investigating the extent of the damage the attack might have caused to its systems as well as looking to understand the extent that any sensitive data could've been compromised. As a precautionary measure, Life Healthcare has taken its IT systems offline as investigations continue.

"First, and foremost, we wish to assure all the communities within which we operate, that this criminal attack on our systems will not affect the quality care and clinical excellence we aim to provide. Patient care remains our key priority. We are deeply disappointed and saddened that criminals would attack our facilities during such a time, when we are all working tirelessly and collectively to fight the COVID-19 pandemic. However, we will not be distracted, and will continue to place our patients first," said Pieter Van der Westhuizen, Acting Group CEO at Life Healthcare.

Tech Legal Matters: What you need to know about the Life Healthcare data breach

You can also listen to the podcast on: Apple Podcasts, Google Podcasts, Spotify, Deezer, and Stitcher.

Increase in data breaches and cybersecurity incidents in South Africa

In recent years there has been a marked increase in cybersecurity attacks and data breaches on South African organizations. These attacks have spanned both public and private sector organizations in the country.

Notably, among many such incidents, Liberty Group in 2018 suffered a data breach in which the hackers demanded money in return for not releasing what they claimed was 40 TB worth of data they managed to access on Liberty's systems. While on the other hand, City Power Johannesburg suffered a ransomware attack during 2019 in which the criminals demanded payment in Bitcoin before bringing the power utilities IT systems and network back up.

To date, like many other such similar cases in South Africa, none of them have been solved nor the criminals identified or arrested.

Switched to manual processing, patient care not affected

To ensure that their operations and patient care continues, Life Healthcare stated that all their hospitals have switched to "manual processing systems." However, these are likely to result in delays.

The healthcare company also said that it has contracted external cybersecurity experts and forensic teams "to advise and supplement our internal teams and capacity."

"We regret that the disruption caused by this incident may cause our patients some frustration, in what is already a trying time. We recognise and thank our employees, doctors and service providers for their dedication, and the professionalism they have shown by quickly adopting our manual backup systems. Our investigations continue and we are working around-the-clock to restore the affected systems," concluded Van der Westhuizen.

Subscribe to our newsletter
Insights and analysis into how technology impacts Africa. We promise to leave you smarter and asking the right questions every time after you read it. Sent out every Monday to Friday.

Share this via: