Microsoft 365 remains healthcare’s weakest security link, with breaches rising from 43% in 2024 to 52% in mid-2025. Patient data exposure, soaring costs, and AI-driven cyberattacks in Australia highlight urgent gaps. Policymakers face mounting pressure to safeguard data sovereignty.
Canadian fintech firm Wealthsimple has disclosed a data breach affecting 30,000 clients after a third-party vendor was compromised. The incident exposed sensitive personal information, including Social Insurance Numbers, prompting an immediate response and enhanced security measures.
Artificial Intelligence has become the new battleground of global politics. Washington and Beijing pursue Dual-Carriage Politics, blending economic ambition, military strategy, and social values. From classrooms to trade wars, AI now shapes power, society, and the fragile balance of global order.
Microsoft 365 remains healthcare’s weakest security link, with breaches rising from 43% in 2024 to 52% in mid-2025. Patient data exposure, soaring costs, and AI-driven cyberattacks in Australia highlight urgent gaps. Policymakers face mounting pressure to safeguard data sovereignty.
Paubox’s mid-2025 report indicates that 52% of U.S. healthcare email breaches in the first half of 2025 involved Microsoft 365, up from 43.3% in 2024. The analysis, which focused on 107 email-related incidents between January and June 2025, underscores how the “world’s most widely-used business email platform” has become an irresistible target for cybercriminals.
The consequences have been severe: more than 1.6 million patient records were exposed, with an average of 16,000 records compromised per incident. Some, such as the breach at United Seating and Mobility, exceeded half a million records. IBM estimates now place the average cost of a healthcare email breach at approximately US $11 million.
Between January 2024 and January 2025, 180 healthcare organisations reported email-related breaches to the U.S. HHS OCR, with 43.3% linked directly to Microsoft 365.
Rick Kuwahara, Chief Compliance Officer at Paubox, observed:
“Healthcare IT leaders are confident in their systems, until a breach happens. What we’re seeing is a perfect storm of limited resources, expanding attack surfaces, and security strategies that rely too heavily on human vigilance.”
Key security controls were often absent. The report noted that 98.9% of organisations lacked MTA-STS protections, 37.2% left DMARC in ‘monitor-only’ mode, and only 1.1% were categorised as low-risk.
Across Australia and the wider APAC region, threat patterns mirror those in the U.S. but with an AI-enabled dimension. Aon’s 2025 Cyber Risk Report highlights that cyber incident frequency rose by 29% year-on-year and by 134% over the past four years. Social engineering incidents surged, with 53% more deepfake-enabled attacks and fraud claims up 233%.
Aon’s APAC lead, Adam Peckman, warned:
“AI is no longer a future threat—it is a present-day reality. We are seeing relatively unsophisticated actors now wield tools that rival state-sponsored capabilities.”
Australian healthcare was the most-breached sector in late 2024, accounting for 17% of all reported incidents. Non-hospital clinics and insurers were especially exposed. CyberCX notes that while AI holds promise as a tool for innovation, it is increasingly weaponised to disrupt operations. Patient identity data has become a prized target for ransomware, raising profound risks not only for service continuity but also for data sovereignty, with foreign actors targeting medical research and patient records.
The leap from 43% to 52% in Microsoft-related breaches, coupled with soaring costs, represents a crisis that healthcare can no longer ignore. Organisations must enforce DMARC rejection, deploy MTA-STS, and integrate real-time threat detection with AI-driven email filtering. Supply-chain vigilance and third-party risk management are now essential in a climate where vendor compromise is a frequent vector.
Lieutenant General Michelle McGuinness, Australia’s National Cyber Security Coordinator, has acknowledged the scale of the challenge:
“We have seen in recent years the very real impact that healthcare-related cyberattacks can have on millions of Australians.”
To help address these vulnerabilities, the Health Cyber Sharing Network (HCSN) was launched in January 2025 as a pilot programme funded by the Department of Home Affairs. Scheduled to run through to 2027, it forms a central pillar of the 2023–2030 Australian Cyber Security Strategy. In parallel, the Federal Government awarded CI-ISAC Australia a $6.4 million grant to develop a dedicated information-sharing and analysis centre for the healthcare sector.
Beyond funding initiatives, McGuinness—widely referred to as Australia’s “Cyber Security Czar”—announced significant legislative reforms at the AUSCERT 2025 Cyber Security Conference on the Gold Coast. She highlighted sweeping changes under the Cyber Security Act, which came into force in May. The legislation introduced mandatory ransomware reporting for companies with turnovers above $3 million, minimum security standards for smart devices, and established a Cyber Incident Review Board to examine lessons learned from major attacks.
McGuinness framed the law as a turning point in Australia’s cyber defence posture, requiring collective action from business, government, and citizens alike. Yet, despite these advancements, gaps remain. While the government has launched the AI Government Showcase to promote broader adoption of artificial intelligence, there are still no dedicated AI cybersecurity programmes addressing the critical intersection between AI and emerging cyber threats. AI is mentioned only in passing in the national strategy, categorised as part of “emerging technology risks”.
The question remains whether these initiatives are sufficiently robust and agile to counter an escalating and accelerating threat landscape. Critics argue the government has yet to establish dedicated AI centres of excellence or AI-focused cyber initiatives, leaving Australia exposed in a rapidly shifting digital battleground.
Healthcare’s reliance on email, particularly for critical clinical communication, amplifies risk. The evidence is clear: human error remains the most significant vulnerability. As Rick Kuwahara emphasised,
“Healthcare IT leaders are confident in their systems, until a breach happens.”
In Australia, where data sovereignty and AI-driven vulnerabilities are accelerating, a pressing question arises: What frameworks of federal or state policy should be enacted to strengthen healthcare data security, sovereignty, and resilience?
Question for CNC readers and healthcare practitioners: What should we be asking governments—both state and federal—to implement today to safeguard patient data and ensure sovereignty in the AI era?
Thumbnail image credit: Ed Hardie / Unsplash
Get the stories that matter to you.
Subscribe to Cyber News Centre and update your preferences to follow our Daily 4min Cyber Update, Innovative AI Startups, The AI Diplomat series, or the main Cyber News Centre newsletter — featuring in-depth analysis on major cyber incidents, tech breakthroughs, global policy, and AI developments.
Cyber incidents in the Asia-Pacific have surged 29% in the past year, with Australia facing major breaches at the University of Western Australia and Qantas. Manufacturing is the top target, deepfakes are on the rise, and experts warn the region is in a digital arms race demanding urgent action.
ASIO’s $12.5 billion espionage warning is more than a tally of stolen secrets. It reveals a national digital crisis. With 24 major spy operations disrupted and identity systems exposed, Australia’s critical infrastructure and social services face a growing risk of collapse from unseen cyber threats.
Singapore is responding to a cyberattack by UNC3886, a China-linked espionage group targeting critical infrastructure. Minister K. Shanmugam confirmed the threat is serious and ongoing, as the CSA leads investigations to protect national services from long-term disruption.
Australia has become one of the first countries to mandate AS IEC 62443 standards by law, transforming healthcare cybersecurity into a legal obligation. The move marks a critical shift toward operational resilience and positions patient safety at the center of cyber strategy.
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead. Sign up for free!
