DragonForce ransomware hit Health Management Systems, an Australian healthcare software provider. Hospitals/clinics urged to check vendor security, isolate backups & train staff vs phishing.
A global coalition led by Microsoft and Europol has dismantled the Tycoon 2FA phishing-as-a-service platform, a major criminal enterprise that enabled attackers to bypass multi-factor authentication and compromise nearly 100,000 organisations worldwide.
Jensen Huang's GTC 2026 reframed the AI race entirely: agentic AI, physical intelligence, orbital data centres and self-driving platforms have replaced benchmark wars. On the All-In podcast he tackled AI's PR crisis head-on. NVIDIA is building the infrastructure backbone of the next global economy.
Victoria's largest not-for-profit private hospital group, Epworth HealthCare, has been targeted by a fake ransomware group known as 0APT. The group claims to have stolen 920GB of patient data, but evidence suggests it is a bluff designed to extort money through psychological warfare.
Cyber News Centre's cyber update for 9th February 2026: Epworth HealthCare has been targeted by a new ransomware group, but the attack appears to be an elaborate bluff.
Epworth HealthCare, Victoria's largest not-for-profit private hospital group, has found itself at the centre of a data extortion campaign by a newly emerged ransomware group calling itself 0APT.
Update: The 0APT ransomware group, which surfaced in late January 2026, has listed Epworth HealthCare on its darknet leak site, claiming to have exfiltrated 920GB of sensitive clinical information, including surgical records and patient billing details.
The group threatened to publish the data on February 6th if a ransom was not paid. However, Epworth HealthCare has stated that after a thorough investigation supported by independent cybersecurity specialists, there is "no verified evidence of any impact to our systems or data".
Security researchers have independently concluded that 0APT is likely a "fake" ransomware operation. Analysis of the group's activities reveals they post a high volume of victims without credible proof of compromise, and their data leak files have been found to be empty shells or infinite streams of random data, a tactic designed to create the illusion of a legitimate breach. The group appears to be leveraging psychological pressure and the fear of reputational damage to extort victims, rather than possessing any actual stolen data. This incident follows a pattern of behaviour from 0APT, which has been widely discredited by the cybersecurity community for its unsubstantiated claims against numerous high-profile organisations globally.
Why it Matters: The rise of "scam" ransomware groups like 0APT represents a significant evolution in the cyber extortion landscape. These actors bypass the technical complexity of actual network intrusion and data theft, focusing instead on manufacturing a public relations crisis to pressure victims into paying.
For organisations, particularly in critical sectors like healthcare, this tactic poses a new and dangerous threat. It forces organisations to expend significant resources to disprove false claims and manage public fear, even when no data has been compromised.
The 0APT campaign against Epworth HealthCare serves as a critical reminder that not all ransomware threats are technically equal. It underscores the importance of robust incident response protocols that include swift, transparent communication and independent verification of claims before any consideration of payment. This incident highlights the need for a healthy dose of scepticism and thorough due diligence in the face of increasingly theatrical and deceptive extortion tactics.
Get the stories that matter to you.
Subscribe to Cyber News Centre and update your preferences to follow our Daily 4min Cyber Update, Innovative AI Startups, The AI Diplomat series, or the main Cyber News Centre newsletter — featuring in-depth analysis on major cyber incidents, tech breakthroughs, global policy, and AI developments.
DragonForce ransomware hit Health Management Systems, an Australian healthcare software provider. Hospitals/clinics urged to check vendor security, isolate backups & train staff vs phishing.
A global coalition led by Microsoft and Europol has dismantled the Tycoon 2FA phishing-as-a-service platform, a major criminal enterprise that enabled attackers to bypass multi-factor authentication and compromise nearly 100,000 organisations worldwide.
Stryker is rebuilding after a cyberattack that wiped about 80,000 devices via a compromised Intune admin account, with up to 50TB of data reportedly exfiltrated. As US systems face similar probes, Australia is exposed, increasing pressure on boards to tighten cyber controls and readiness.
Google has issued an emergency patch for a high-severity zero-day (CVE-2026-3910) in its V8 JavaScript engine, which is being actively exploited in the wild. The flaw allows arbitrary code execution, posing a significant risk to billions of Chrome users globally, including in Australia.
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead. Sign up for free!
