– Notice published 26 February 2025 –
RivMed recently became aware that it was a victim of a cyber incident. An unauthorised person committed a criminal offense and accessed a part of our IT systems. As soon as we became aware, we immediately engaged leading cyber experts to provide us advice on how to respond.
While our investigation is ongoing, we can confirm the incident has been contained. The RivMed team have been urgently working to respond to the incident and have taken all steps to protect the privacy of our community members and staff.
Once we determine what personal information was accessed during the incident, we will be contacting individuals in line with our obligations. The incident has been reported to the Office of the Australian Information Commissioner.
We place the wellbeing of our community members, clients and staff as our highest priority and are committed to supporting those affected. A specialist provider, IDCARE, has been engaged to support our community with any responses to questions on the incident.
If you have any further questions or would like support in relation to the incident, please reach out to support@rivmed.org.au and one of our dedicated team will respond promptly. We thank you for your support.
Sincerely
CEO & Board of RivMed
– Update published 28 February 2025 –
Further information regarding the Cyber Incident
Since our last update, we have received a few questions from our community requesting further information about the incident.
The RivMed management team and board have prepared responses that are set out below.
Q: Was the incident caused by a RivMed staff member?
A: No. The incident was not caused in any way by the actions of a staff member.
Prior to the incident, RivMed had numerous cyber security systems in place to protect our information. Our expert partners have advised that cyber incidents are on the rise globally and criminals are targeting organisations of all sizes. These types of incidents are often highly sophisticated, involving a cybercriminal bypassing complex IT security.
Q: Why has RivMed taken this long to tell everyone?
A: As soon as we became aware about the incident, we brought in cyber experts to provide advice and help us respond.
Management and the board have urgently been working with these experts to investigate the incident. These investigations are extremely complicated, and they can take some time to complete. While the key parts of the investigation were taking place, it was important to protect the integrity of the work being undertaken.
Management and the board wanted to make sure that we had accurate information about the incident before we told the community. We did not want to cause unnecessary alarm by communicating information which could later turn out to be incorrect.
Q: Why didn’t RivMed take steps to protect staff, member and client data?
A: Management and the board took all possible steps to prevent any accessed information from being published online. Our community, members, clients and staff are our highest priority.
There is no evidence that your personal information has been or will be made publicly available, which means that no one else in the community will be able to access your information. We also have our experts providing ongoing monitoring.
Q: Did RivMed’s management team tell the board about this incident?
A: RivMed’s management team have been meeting regularly with board members since the incident was discovered. All major decisions were made by the elected board members who have been involved in all stages of this incident.
The RivMed team are committed to supporting our community, members, clients and staff in relation to this incident. A specialist provider, IDCARE, has been engaged to support our community if you have any concerns.
If you have any further questions or would like support in relation to the incident, please reach out to support@rivmed.org.au and one of our dedicated team will respond promptly. We thank you for your support
Sincerely
RivMed Board and management
