Cyber Attack Probe Concluded by MediSecure
In a significant cybersecurity incident, MediSecure, a prominent Australian healthcare services provider, discovered that a database server had been encrypted by suspected ransomware in April 2024. The public was informed about the attack on May 16, 2024.
Upon restoring a complete server backup on May 17, 2024, MediSecure began an immediate investigation into the impacted data. Regrettably, the investigation revealed that 6.5TB of data stored on the server was likely exfiltrated by a malicious third-party actor.
The data set affected by the cyber attack includes full name, title, date of birth, gender, email address, address, phone number, individual healthcare identifier (IHI), Medicare card number, Pensioner Concession card number, Commonwealth Seniors card number, Healthcare Concession card number, Department of Veterans' Affairs (DVA) card number, prescription medication details, reason for prescription, and instructions.
Approximately 12.9 million Australians using the MediSecure prescription delivery service had their personal and sensitive information, including contact and health information, stolen. The Australian Government is not aware of the publication of the full data set from the MediSecure cyber attack.
MediSecure notified various authorities, including the National Cyber Security Coordinator, the Australian Federal Police, the Australian Signals Directorate, and the Office of the Australian Information Commissioner, about the incident.
People are advised not to look for or access stolen sensitive or personal information from the dark web related to the MediSecure cyber attack, as it can be a criminal offence. Scams referencing the MediSecure data breach should be avoided, and unsolicited contact that references the data breach should not be responded to.
If contacted by someone claiming to be a medical or other service provider, including financial service provider, seeking personal, payment or banking information, the contact should be hung up and an independent phone number should be called.
MediSecure's investigation, which was initially conducted in collaboration with the Federal Office for Information Security (BSI) and the Federal Criminal Police Office (BKA), was terminated due to disagreements over data handling and investigative approaches.
In response to the incident's costs and limited financial resources, MediSecure appointed administrators to MediSecure Ltd and Operations MDS Pty Ltd on June 4, 2024. The Australian Government declined a funding request from MediSecure to assist with the costs of responding to the incident.
It is essential to emphasise that the cyber attack has not interrupted Australia's national prescription delivery service. The public is encouraged to continue using necessary healthcare services without concern for disruption.
Despite making all reasonable efforts, MediSecure cannot identify the specific individuals whose data was taken due to the complexity of the data set. The Australian Government continues to monitor the situation closely and will provide updates as more information becomes available.
Read also:
- MERS (Middle East Respiratory Syndrome): A Comprehensive Overview and Treatment Guide
- Strategies to Maintain Optimal Eye Health Throughout Aging Process
- Hearings on the HHS Budget Detail a Fresh Approach for Public Healthcare Policies
- Navigating Life with PTSD: Techniques for Managing Anxiety and Recurring Flashbacks
