TLDR:
- MediSecure, an Australian prescriptions provider, was hit by a large-scale ransomware attack.
- The incident is believed to have originated from one of their third-party vendors.
Australian prescriptions provider MediSecure recently experienced a large-scale ransomware data breach, with criminals stealing patients’ personal and health data. The company stated that the incident likely originated from a third-party vendor. While the number of individuals affected was not disclosed, MediSecure assured that updates will be provided on their website as more information becomes available. They are currently working with the National Cyber Security Coordinator and have informed regulatory agencies such as the Office of the Australian Information Commissioner.
The Australian Federal Police are investigating the breach, which has been described as a “large-scale ransomware data breach incident” by the National Cyber Security Coordinator. Despite the breach, the Department of Health confirmed that there has been no impact on current ePrescription services. MediSecure is collaborating with various organizations, including Services Australia, to assess the extent of the impacted data.
Healthcare organizations have increasingly become targets for ransomware attacks due to the sensitive nature of the data they handle. Notable incidents in Australia include a ransomware attack on Medibank in late 2022, where data of almost 10 million customers was leaked. With the rise in ransomware attacks, there is a growing concern for data security and potential identity theft.