The Australian federal police are investigating after the electronic prescriptions provider MediSecure reported being the victim of a large-scale ransomware data breach to national cyber security coordinator last Wednesday.
MediSecure has said the breach likely originated from a third-party vendor, but did not reveal its extent.
The national cyber security coordinator, Lt Gen Michelle McGuinness, said the government was still “working to build a picture of the size and nature of the data that has been impacted by this data breach impacting MediSecure”.
MediSecure is one of two electronic prescriptions providers in Australia that has historically been responsible for the issue of millions of electronic prescriptions and was used extensively after the Covid-19 pandemic began in 2020.
The health department said in January that since May 2020, over 189m electronic prescriptions have been issued.
Last year, the health department shifted to a single provider – eRx supplied by Fred IT Group – in a nearly $100m, four-year agreement – and as part of that agreement, healthcare providers and pharmacies moved from MediSecure to eRx. MediSecure still provides prescription services to private providers.
Current prescriptions have not been caught up in the MediSecure cyberattack, the national cyber security coordinator has said, the national cyber security coordinator said no current prescriptions were believed to have been compromised, but it has yet to be revealed how many people have had their personal information exposed.
- CyberBeat
CyberBeat is a grassroots initiative from a team of producers and subject matter experts, driven out of frustration at the lack of media coverage, responding to an urgent need to provide a clear, concise, informative and educational approach to the growing fields of Cybersecurity and Digital Privacy.
If you have a story of interest, a comment, a concern or if you'd just like to say Hi, please contact us
We couldn't do this without the support of our sponsors and contributors.