Major cyber attack compromises 13 million Aussies' personal data
- Replies 34
In an age where our personal and health information is increasingly digitised, the security of this data is paramount.
However, the unsettling reality of our interconnected world has once again been brought to the forefront, as a staggering 12.9 million Australians have fallen victim to a significant cyber attack.
The breach, which targeted electronic prescriptions provider MediSecure, resulted in a malicious third-party actor uploading a vast amount of sensitive data to the dark web.
The gravity of the situation became apparent to MediSecure on 13 April when signs of ransomware were detected on a database server housing personal and health information.
The cyber attack was publicly acknowledged in May.
The breach affected individuals who utilised MediSecure's prescription delivery service from March 2019 to November 2023, and the stolen data amounts to 6.5 terabytes.
The compromised information is extensive and deeply personal, encompassing names, dates of birth, addresses, phone numbers, Medicare numbers, prescription details, and the reasons for the medication.
MediSecure is reviewing the exposed data set on the dark web to identify and notify those impacted by the breach.
With National Cyber Security Coordinator Lieutenant General Michelle McGuinness at the helm, the federal government has urged the public not to seek out or access the stolen information.
‘No one should go looking for or access stolen sensitive or personal information from the dark web,’ he said.
‘This activity only feeds the business model of cyber criminals and can be a criminal offence.’
‘I understand many Australians will be concerned about the scale of this breach. I encourage everyone, whether impacted in this incident or not, to be alert to being targeted in scams.’
Lt McGuinness has also called for heightened vigilance against scams, recognising the widespread concern this breach has caused among Australians.
MediSecure, one of two ePrescription delivery services until late 2023, lost its government contract to Fred IT Group’s eRx Script Exchange.
Following this, MediSecure appointed liquidators and entered administration in June. It is no longer part of Australia's digital health network.
The government has assured the public that the national prescription delivery service, eRx, remains unaffected by this cyber incident.
‘Consumers can continue to access medicines safely, and healthcare providers can still prescribe and dispense as usual,’ it stated.
In related news, Russian hackers have infiltrated ZircoDATA, a data firm connected to over 200 Australian companies and government agencies, leaking sensitive documents.
Tens of thousands of Australians' personal information has been auctioned on the dark web following the cyberattack. For more details, click here.
Have you or someone you know been affected by this cyber attack? What measures are you taking to protect your data? We’d love to hear your thoughts and opinions in the comments below.
However, the unsettling reality of our interconnected world has once again been brought to the forefront, as a staggering 12.9 million Australians have fallen victim to a significant cyber attack.
The breach, which targeted electronic prescriptions provider MediSecure, resulted in a malicious third-party actor uploading a vast amount of sensitive data to the dark web.
The gravity of the situation became apparent to MediSecure on 13 April when signs of ransomware were detected on a database server housing personal and health information.
The cyber attack was publicly acknowledged in May.
The breach affected individuals who utilised MediSecure's prescription delivery service from March 2019 to November 2023, and the stolen data amounts to 6.5 terabytes.
A cyber attack on MediSecure has compromised the personal and health information of up to 12.9 million Australians. Credit: Shutterstock
The compromised information is extensive and deeply personal, encompassing names, dates of birth, addresses, phone numbers, Medicare numbers, prescription details, and the reasons for the medication.
MediSecure is reviewing the exposed data set on the dark web to identify and notify those impacted by the breach.
With National Cyber Security Coordinator Lieutenant General Michelle McGuinness at the helm, the federal government has urged the public not to seek out or access the stolen information.
‘No one should go looking for or access stolen sensitive or personal information from the dark web,’ he said.
‘This activity only feeds the business model of cyber criminals and can be a criminal offence.’
‘I understand many Australians will be concerned about the scale of this breach. I encourage everyone, whether impacted in this incident or not, to be alert to being targeted in scams.’
Lt McGuinness has also called for heightened vigilance against scams, recognising the widespread concern this breach has caused among Australians.
MediSecure, one of two ePrescription delivery services until late 2023, lost its government contract to Fred IT Group’s eRx Script Exchange.
Following this, MediSecure appointed liquidators and entered administration in June. It is no longer part of Australia's digital health network.
The government has assured the public that the national prescription delivery service, eRx, remains unaffected by this cyber incident.
‘Consumers can continue to access medicines safely, and healthcare providers can still prescribe and dispense as usual,’ it stated.
In related news, Russian hackers have infiltrated ZircoDATA, a data firm connected to over 200 Australian companies and government agencies, leaking sensitive documents.
Tens of thousands of Australians' personal information has been auctioned on the dark web following the cyberattack. For more details, click here.
.png){kind=icon}
