Excerpt from TheRegister Article, Published on May 17, 2024
Australian prescription provider MediSecure has become the latest healthcare organization to fall victim to a ransomware attack, with cybercriminals reportedly stealing patients’ personal and health data.
In a statement on Thursday, MediSecure revealed that early indicators suggest the incident originated from one of its third-party vendors. While the company has not specified the number of individuals affected, it has pledged to provide updates on its website as more information becomes available. MediSecure is working closely with Australia’s National Cyber Security Coordinator to manage the incident’s impacts and has notified regulatory agencies, including the Office of the Australian Information Commissioner.
The Australian Federal Police are investigating the breach, which the National Cyber Security Coordinator described as a “large-scale ransomware data breach incident.” In a separate statement, the country’s top cybersecurity chief affirmed that the Australian government is assisting MediSecure and is still assessing the extent of the data breach. The statement reassured the public that no current ePrescriptions have been impacted or accessed. The Department of Health confirmed that there has been no disruption to the ePrescription services in use. Technical advice from MediSecure indicates that the original compromise has been isolated, and there is no evidence of an increased cyber threat to the medical sector.
Authorities are closely examining whether identity documents have been compromised. They are working with MediSecure, Services Australia, and state and territory credential issuing bodies to fully understand the impacted dataset. So far, there is no evidence suggesting that Australians need to replace their Medicare cards. If any risk to Australians’ identities is identified, the government will issue appropriate guidance.
The government is also briefing health sector industry groups about the digital intrusion and response, including the Australian Medical Association, the Pharmacy Guild of Australia, and major private hospital providers. This incident underscores the increasing trend of ransomware attacks targeting the healthcare sector, which is responsible for safeguarding highly sensitive medical and personal information. The MediSecure breach highlights the need for robust cybersecurity measures to protect against such threats.
To delve deeper into this topic, please read the full article on TheRegister
