In a significant cyber attack, MediSecure, a now-defunct eScripts provider, experienced a ransomware breach that resulted in the theft of personal data from 12.9 million Australians.MediSecure, one of the only two eScript providers in Australia until late last year, entered voluntary administration in June after the government declined financial assistance, leaving many questions about the protection and future use of the stolen data, and why the attack which occurred last year, was only disclosed in May 2024.
“MediSecure wishes to inform the public that the personal and sensitive information, including contact and health information, of approximately 12.9 million (users) during the approximate period of March 2019 to November 2023, was contained within MediSecure data stolen by a malicious third-party actor.” the company said.
What Has Happened to the Stolen Data?
The fate of the stolen data remains uncertain, with no comprehensive updates from MediSecure or relevant authorities regarding its misuse or recovery. Given the scale of the breach, the stolen information is highly valuable and could potentially be sold on the dark web or used in various cybercriminal activities.
MediSecure now has reports from an additional analysis that confirmed the impacted data included personal information including full names, titles, dates of birth, gender addresses, email addresses, phone numbers, and individual healthcare identifiers (IHI) such as:
- Medicare card numbers (including individual identifier and expiry), Pensioner Concession card number and expiry, Commonwealth Seniors card number and expiry, Healthcare Concession card number and expiry, Department of Veterans’ Affairs (DVA) (Gold, White, Orange) card number and expiry, and
- Details of prescription medication, including the name of the drug, strength, quantity, and the reason for prescription and instructions.
Latest Update on the Situation
The Australian Federal Police (AFP) is actively investigating the breach. MediSecure has cited financial constraints as a significant limitation in their ability to respond effectively to the attack and assist affected individuals. To date, there has been no direct contact from MediSecure to those whose data was compromised, leading to growing concerns among the public and the business community about transparency and responsibility in handling such incidents.
Recommendations for Affected Individuals
If you believe your data may have been compromised in the MediSecure breach, we recommend considering the following steps to enhance your security:- Update Passwords: Change passwords for online accounts, particularly those related to financial services, and use strong, unique passwords for each account.
- Enable Two-Factor Authentication (2FA): Enhance your account security by enabling 2FA wherever possible.
- Check Credit Reports: Regularly review your credit report for any unauthorised activities. In Australia, you can get a free annual credit report from agencies like Equifax, Experian, and illion.
- Be Wary of Phishing Scams: Be cautious of unsolicited communications asking for personal information or containing suspicious links.
- Report Suspicious Activities: If you notice any suspicious activity, report it to your bank and relevant authorities immediately.
Lessons for Australian Businesses
The MediSecure cyber attack is a stark reminder of the critical importance of robust cyber security measures, especially for organisations handling sensitive personal data. Australian business leaders must prioritise cyber security to protect their customers and maintain trust. Continuous monitoring, proactive security measures, and transparent communication are essential in mitigating the impact of such breaches and safeguarding against future threats.
Key Takeaways
1. Proactive Cyber Security Measures: Businesses should adopt a proactive approach to cyber security, including regular risk assessments, employee training, and the implementation of advanced threat detection and response systems.
2. Incident Response Plan: Developing and regularly updating an incident response plan is crucial. This plan should outline steps for containing a breach, notifying affected parties, and coordinating with law enforcement.
3. Transparency and Communication: Clear and timely communication with customers and stakeholders during and after a cyber incident is vital to maintain trust and manage reputational damage.
4. Government and Industry Collaboration: Enhanced collaboration between the government and private sector can lead to better sharing of threat intelligence and the development of stronger cyber security standards and regulations.
The MediSecure breach serves as a wake-up call for Australian businesses to re-evaluate their cyber security posture. In an era where cyber threats are increasingly sophisticated and pervasive, ensuring the security of personal data is not just a regulatory requirement but a fundamental aspect of business integrity and customer trust.
How Diamond IT Can Support Your Cyber Security Strategy
The Diamond IT team specialises in reviewing cyber security strategies to ensure they are fit-for-purpose, align with government recommendations and include the necessary defences required to best protect your business from malicious threats.
We can support you by establishing your Essential Eight maturity level and improving your overall cyber security posture.
Our Business Technology Managers (BTMs) and Business Technology Consulting team are specialists in improving your internal cyber security and are ready to speak with you. Contact our team on 1300 307 907 today.
