Who is responsible for the Toowoomba Friendlies Society Dispensary breach?

The DragonForce cybercriminal group has claimed responsibility for the breach. The group listed the Toowoomba-based healthcare provider as a victim on its dark web leak site and published the allegedly stolen data.

What types of patient information were allegedly exposed in the Toowoomba Friendlies breach?

The exposed patient data allegedly includes names, addresses, and photographs; detailed medical treatment records and prescriptions including methadone treatment and emergency contraceptive prescriptions; vaccination lists and immunization records; NDIS participant information and disability service details; and patient identification documents and government-issued credentials.

Was NDIS participant information compromised in the Toowoomba Friendlies breach?

Yes, as a registered NDIS provider, Toowoomba Friendlies Society Dispensary maintains records of disability services participants. The allegedly stolen data includes NDIS participant information and disability service details, which could be particularly sensitive given the vulnerable population served.

What employee information was allegedly compromised in the Toowoomba Friendlies breach?

The breach allegedly exposed staff payroll information and employment records, Medicare card scans and driver's license copies of employees. This puts employees at risk of identity theft and financial fraud in addition to the patient data exposure.

How many people were affected by the Toowoomba Friendlies Society Dispensary breach?

The number of affected individuals has not been disclosed. Given that the organization has served the region since 1897 and operates as both a pharmacy and NDIS provider, the number of potentially affected patients, participants, and employees could be substantial.

Has Toowoomba Friendlies Society Dispensary responded to the breach claims?

No, Toowoomba Friendlies Society Dispensary has not yet issued a public statement regarding the incident. The organization has not confirmed or denied the breach claims made by the DragonForce cybercriminal group.

What should patients and NDIS participants do about the Toowoomba Friendlies breach?

While the organization has not yet confirmed the breach, individuals who have used Toowoomba Friendlies Society Dispensary services should monitor their accounts for suspicious activity, be cautious of phishing attempts, watch for unusual medical billing, consider placing fraud alerts on their credit reports, and stay alert for official communications from the organization. NDIS participants should also monitor their NDIS accounts and report any suspicious activity to the NDIA.

Incident

DragonForce Ransomware gang leaks data allegedly stolen from Toowoomba Friendlies Society Dispensary

Q: What happened to Toowoomba Friendlies Society Dispensary?

The DragonForce cybercriminal group claims to have breached Toowoomba Friendlies Society Dispensary, a community-owned Queensland healthcare organization and registered National Disability Insurance Scheme (NDIS) provider. The hackers published a 35.82 gigabyte allegedly stolen dataset on their dark web leak site.

Q: What is Toowoomba Friendlies Society Dispensary?

Toowoomba Friendlies Society Dispensary is a community-owned organization that has served the Queensland region since 1897, providing pharmacy services, mobility supplies, home modifications, vaccinations, and delivery services. As a registered NDIS provider, the organization maintains records of disability services participants and their personal health information.

Q: How much data was allegedly stolen from Toowoomba Friendlies Society Dispensary?

The DragonForce group claims to have stolen 35.82 gigabytes of data from Toowoomba Friendlies Society Dispensary. This represents a substantial amount of potentially sensitive healthcare and personal information.

published: Sept. 2, 2025

Learn More

DragonForce cybercriminal group claims to have breached Toowoomba Friendlies Society Dispensary, a community-owned Queensland healthcare organization and registered National Disability Insurance Scheme (NDIS) provider.

Toowoomba Friendlies Society Dispensary operates as a community-owned organization that has served the region since 1897, providing pharmacy services, mobility supplies, home modifications, vaccinations, and delivery services. As a registered NDIS provider, the organization maintains records of disability services participants and their personal health information.

The hackers listed the Toowoomba-based healthcare provider as a victim on its dark web leak site and published the 35.82 gigabytes allegedly stolen dataset. Exposed data includes:

Patient names, addresses, and photographs
Detailed medical treatment records and prescriptions, including methadone treatment and emergency contraceptive prescriptions
Vaccination lists and immunization records
NDIS participant information and disability service details
Financial documents and billing records
Staff payroll information and employment records
Medicare card scans and driver's license copies of employees
Patient identification documents and government-issued credentials
Counterparty and business partner information

The number of affected individuals is not disclosed.

Toowoomba Friendlies Society Dispensary has not yet issued a public statement regarding the incident.

DragonForce Ransomware gang leaks data allegedly stolen from Toowoomba Friendlies Society Dispensary

Read More
Atrium Health reports data breach after phishing attack
Hong Kong Hospital Authority Data Breach Exposes 56,000 …
CompleteCare Health Network reports data breach after October …
Indian Organ Retrieval Banking Organisation exposes organ donor …
Life Care Services senior living facilities report data …