A global coalition led by Microsoft and Europol has dismantled the Tycoon 2FA phishing-as-a-service platform, a major criminal enterprise that enabled attackers to bypass multi-factor authentication and compromise nearly 100,000 organisations worldwide.
Jensen Huang's GTC 2026 reframed the AI race entirely: agentic AI, physical intelligence, orbital data centres and self-driving platforms have replaced benchmark wars. On the All-In podcast he tackled AI's PR crisis head-on. NVIDIA is building the infrastructure backbone of the next global economy.
Stryker is rebuilding after a cyberattack that wiped about 80,000 devices via a compromised Intune admin account, with up to 50TB of data reportedly exfiltrated. As US systems face similar probes, Australia is exposed, increasing pressure on boards to tighten cyber controls and readiness.
The Rhysida ransomware group has targeted Harbour Town Doctors, a Queensland medical centre, threatening to leak sensitive patient data. The attack highlights the persistent threat of ransomware to the Australian healthcare sector.
Cyber News Centre's cyber update for 17th December 2025: Harbour Town Doctors, has been targeted by the Rhysida ransomware group, which claims to have exfiltrated sensitive patient data. Harbour Town Doctors is a medical centre located in Biggera Waters, Queensland. It provides a range of services including family medicine, a skin cancer clinic, and chronic disease management.
Update: The Rhysida ransomware group has listed Harbour Town Doctors, a medical centre on the Gold Coast, as a victim on its dark net extortion site. The group posted the claim on 11 December, threatening to sell a trove of sensitive patient data for five bitcoin, approximately $137,000 AUD. Low-resolution images shared by the attackers appear to show patient health summaries, medical record transfer requests, and pathology reports, some of which are on the clinic's letterhead. The incident is another example of Rhysida's focus on the healthcare sector, following a string of attacks on medical facilities in the US and a Sydney-based aged care agency in 2024.
The ransomware-as-a-service operation, first observed in mid-2023, is known for its double-extortion tactics, demanding payment for both data decryption and the deletion of stolen information. The group has claimed over 250 victims since its emergence. Harbour Town Doctors has not yet issued a public statement on the alleged breach, leaving patients in the dark about the status of their personal information. The incident underscores the growing threat of ransomware to the Australian healthcare sector and the vulnerability of patient data.
Why it Matters: This attack on a local Australian medical clinic is a stark reminder that the healthcare sector remains a prime target for financially motivated cybercriminals. The potential exposure of highly sensitive patient information, including health summaries and pathology reports, poses a significant risk of identity theft, fraud, and personal distress for affected individuals. For Harbour Town Doctors, the breach could lead to severe reputational damage, regulatory penalties under the Notifiable Data Breaches scheme, and a loss of patient trust. The incident also highlights the need for all healthcare providers, regardless of size, to implement robust cybersecurity measures, including multi-factor authentication, regular system patching, and comprehensive incident response plans to protect against the ever-present threat of ransomware.
Get the stories that matter to you.
Subscribe to Cyber News Centre and update your preferences to follow our Daily 4min Cyber Update, Innovative AI Startups, The AI Diplomat series, or the main Cyber News Centre newsletter — featuring in-depth analysis on major cyber incidents, tech breakthroughs, global policy, and AI developments.
A global coalition led by Microsoft and Europol has dismantled the Tycoon 2FA phishing-as-a-service platform, a major criminal enterprise that enabled attackers to bypass multi-factor authentication and compromise nearly 100,000 organisations worldwide.
Stryker is rebuilding after a cyberattack that wiped about 80,000 devices via a compromised Intune admin account, with up to 50TB of data reportedly exfiltrated. As US systems face similar probes, Australia is exposed, increasing pressure on boards to tighten cyber controls and readiness.
Google has issued an emergency patch for a high-severity zero-day (CVE-2026-3910) in its V8 JavaScript engine, which is being actively exploited in the wild. The flaw allows arbitrary code execution, posing a significant risk to billions of Chrome users globally, including in Australia.
Singtel executives fronted a Senate inquiry, categorically denying explosive allegations that a secret ransom was paid to hackers following the massive 2022 Optus data breach that exposed personal information of 9.8 million Australians, amid ongoing inquiry into the telco's operational failures.
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead. Sign up for free!
