Pathology Lab Fined $5.8 Million Over Leak of Patient Data

In a historic decision, the court found the company liable for inadequate protections and insufficient follow-up after the leak.

Rex Widerstrom

10/9/2025|Updated: 10/9/2025

0:00

The parent company of a pathology laboratory has been ordered to pay $5.8 million in civil penalties for inadequately protecting patient data, in the first case brought under the Commonwealth Privacy Act.

The Federal Court found that Australian Clinical Labs (ACL) breached privacy law after a cyberattack on its Medlab Pathology business in 2022 led to the unauthorised access and theft of personal information belonging to more than 223,000 people.

We had a problem loading this article. Please enable javascript or use a different browser. If the issue persists, please visit our help center.

Rex Widerstrom

Author

Rex Widerstrom is a New Zealand-based reporter with over 40 years of experience in media, including radio and print. He is currently a presenter for Hutt Radio.

Author’s Selected Articles

Pathology Lab Fined $5.8 Million Over Leak of Patient Data

Assistant Secretary Nominee Says Taiwan Needs to Lift Defense Spending, Calls for Increased Sub Building

Deforestation Can Cause Eight-Fold Increase in Flood Risk, Report Finds

Australian Federal Police Chief Says Agency to Refocus on Hybrid Threats

New Zealand’s Central Bank Drops Cash Rate to 2.5 Percent as Economy Wobbles