What did the 0APT group claim regarding Epworth HealthCare?

The 0APT ransomware group claimed to have exfiltrated 920 GB of sensitive clinical data, including surgical records, patient names, and billing details.

How did Epworth HealthCare respond to the data breach allegations?

Epworth HealthCare stated it found no evidence of a breach, confirmed its systems remain secure, and activated incident response protocols with external specialists.

What are the technical details of the 0APT ransomware?

The malware is a C#-based strain using Salsa20 for file encryption and RSA-1024 for key protection, sharing technical similarities with the Haron ransomware.

Is the 0APT ransomware group considered credible?

Credibility is disputed; while some firms analyzed its malware, trackers like Ransomware.live removed the group due to unverified and potentially random victim selection.

What should patients do in response to these claims?

Patients should monitor their financial and insurance statements for unauthorized activity and be cautious of phishing attempts targeting their personal information.

Incident

Epworth HealthCare Investigates Unverified 920 GB Data Theft Claim by 0APT Ransomware Group

published: Feb. 5, 2026

Learn More

Epworth HealthCare, a major non-profit healthcare provider in Victoria, Australia, is investigating claims of a massive data breach by the 0APT ransomware group. The group claims to have stolen 920 GB of sensitive Information and that it's negotiating with the provider.

The stolen data allegedly includes:

Surgical records
Patient names
Clinical information
Billing details for services in USD and AUD

The number of affected individuals is not disclosed.

Epworth HealthCare has stated it found no evidence of a compromise within its internal systems and that patient care remains fully operational and safe across all hospital locations. The very specific wording about internal systems still does not fully deny an incident at a third party supplier or subcontractor that exposed the data.

Some threat intelligence trackers, such as Ransomware.live, have flagged the group as unreliable due to a lack of verifiable victims.

Epworth HealthCare Investigates Unverified 920 GB Data Theft Claim by 0APT Ransomware Group

Read More
Northern Montana Health Care reports third party data …
Lubbock based Trustpoint Rehabilitation Hospital reports data breach
Lyon Management Group, Inc. (Lyon Living) reports data …
Kentucky pediatric practice "Physicians to Children & Adolescents" …
US counseling and health services provider Equinox reports …