Medtronic says a third party accessed data in corporate IT systems, while ShinyHunters claims more than nine million records were stolen. The incident did not disrupt products or patient care, but it exposes the widening risk around corporate IT, identity data and medical technology supply chains.
Australia’s A$25bn AI wager, Bezos’s leap into “physical AI” and Musk’s push to shift data centres into orbit turned this week into a defining moment in the AI global industrial contest, with the Global South emerging as both proving ground and prize in the new AI steel age.
Vercel confirms a security incident after a compromised third-party AI tool's OAuth token allowed attackers to pivot into internal systems, exposing environment variables and API keys across its platform.
The CL0P ransomware gang has breached Podiatry WA, a key Australian healthcare association, as part of a massive 22-victim global attack wave. The incident highlights the escalating threat of data extortion targeting professional services and healthcare sectors across Australia.
Cyber News Centre's cyber update for 29th January 2026: Podiatry WA, a professional association for podiatrists in Western Australia, has been breached by the notorious CL0P ransomware gang.
Podiatry WA is a professional association and public company limited by guarantee based in Australia. It represents podiatrists and chiropodists, promotes foot health, and supports professional development and education for the podiatry profession in Western Australia.
Update: The CL0P ransomware group has claimed responsibility for a data breach at Podiatry WA, a professional healthcare association based in Western Australia. The attack is part of a significant global campaign that saw the group list 22 new victims in a single 24-hour period, with 11 of those located in Australia. This aggressive wave of attacks highlights a renewed focus on the professional services and healthcare sectors.
The breach was first reported by cyber industry monitoring experts on January 28, 2026, with the threat actor adding Podiatry WA to its dark web leak site. The full extent of the data stolen remains unknown, but the incident places the sensitive information of the association and its members at significant risk. CL0P, a Russian-speaking cybercrime collective also known as TA505, has a history of large-scale data extortion campaigns and has reportedly amassed over $500 million from its operations.
The group is known for exploiting zero-day vulnerabilities and has recently been observed targeting supply chain vulnerabilities and high-value enterprise infrastructure. This latest campaign follows a reported 525% increase in CL0P's activity in 2025, signaling a major resurgence for the prolific ransomware operator.
Why it Matters: This attack on a professional healthcare body underscores the relentless targeting of Australia's critical sectors. The breach is not an isolated event but part of a coordinated, large-scale assault on Australian organisations, demonstrating the persistent and evolving threat posed by sophisticated ransomware groups like CL0P.
For small and medium-sized businesses (SMBs) within the healthcare supply chain, this incident is a stark reminder of their vulnerability. These organisations are often seen as soft targets due to limited cybersecurity resources. The consequences of such a breach extend beyond financial loss, risking the exposure of sensitive professional and potentially patient-related data, eroding trust, and causing significant operational disruption.
Get the stories that matter to you.
Subscribe to Cyber News Centre and update your preferences to follow our Daily 4min Cyber Update, Innovative AI Startups, The AI Diplomat series, or the main Cyber News Centre newsletter — featuring in-depth analysis on major cyber incidents, tech breakthroughs, global policy, and AI developments.
Medtronic says a third party accessed data in corporate IT systems, while ShinyHunters claims more than nine million records were stolen. The incident did not disrupt products or patient care, but it exposes the widening risk around corporate IT, identity data and medical technology supply chains.
Vercel confirms a security incident after a compromised third-party AI tool's OAuth token allowed attackers to pivot into internal systems, exposing environment variables and API keys across its platform.
According to Microsoft’s April 2026 Security Update Guide, the company fixed more than 160 vulnerabilities across Windows, Office and core services, including an actively exploited SharePoint zero‑day and a Defender privilege‑escalation flaw.
The largest DeFi exploit of 2026 has seen $293 million drained from Kelp DAO's LayerZero cross-chain bridge, triggering a $5.4 billion withdrawal panic across the broader ecosystem and exposing critical centralization flaws in modular security.
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead. Sign up for free!
