A major data breach has affected thousands of family violence and sexual assault victims. 

The personal details of thousands of victims have been exposed due to a data breach at ZircoDATA, a document-scanning business. 

This breach most notably affected Monash Health, Victoria's largest public health service, exposing sensitive information collected by their family violence and sexual support units from 1970 to 1993. 

About 4,000 individuals who used these services are now at risk of having their personal information exposed.

Monash Health says it “is providing support to those people who may be impacted by this breach”.

Monash Health is not the only group to have sensitive data exposed, with Melbourne Polytechnic also confirming that enrollment information for approximately 60,000 past and present students was accessed.

The cyberattack on ZircoDATA has been attributed to the Black Basta ransomware gang, which exploited vulnerabilities in systems running Microsoft's Windows operating system. ZircoDATA says that the attack was first noticed on 28 February when unauthorised access to their servers was detected.

Federal and state authorities, including the Australian Federal Police, have launched investigations into the breach. 

The efforts to address the breach's ramifications are being coordinated by Lieutenant-General Michelle McGuinness - Australia’s National Cyber Security Coordinator -  who says steps are being taken to assess and mitigate the damage. 

In addition to direct impacts on individuals, this incident has cast a spotlight on the vulnerability of data held by third-party service providers and the broader implications for cybersecurity in sectors prone to such attacks. 

The breach at ZircoDATA not only compromised the privacy of thousands but also highlights the challenges in securing sensitive information against increasingly sophisticated cyber threats.