Flaw in Telstra Health’s Argus software exposed medical records to hackers

Telstra Health has urgently addressed potential privacy breaches caused by a flaw in its Argus software.

Designed to securely communicate confidential patient information in-line with privacy standards, the software is used by more than 40,000 providers, including hospitals, GPs, specialists, primary health networks and allied health providers.

A vulnerability was identified in legacy versions of the software which made it accessible to unauthorised parties where a customer's remote desktop connections were still open.  It has been confirmed that the Argus software does not connect with My Health Record.

The flaw can be addressed with a security patch, however Telstra has advised clients who no longer use the program, to uninstall it and ensure all associated accounts are removed from computers. 

A statement from the Australian Digital Health Agency can be read here.