Massive data breach compromises health information of 12.9 million Australians


Sydney, Jul 18 (IANS): Electronic prescription provider MediSecure has revealed that the personal data of approximately 12.9 million Australians were leaked during a cyber security incident earlier this year.

On April 13, MediSecure discovered that a database server had been encrypted by suspected ransomware, before the incident was first notified to the public on May 16.

In its latest update on the data breach investigation, the Melbourne-based company said that 6.5 TB of data was likely exfiltrated by "a malicious third-party actor," but the server could not be examined to ascertain the information specifically accessed.

"MediSecure can confirm that approximately 12.9 million Australians who used the MediSecure prescription delivery service during the approximate period of March 2019 to November 2023 are impacted by this incident based on individuals' healthcare identifiers," said the company, Xinhua news agency reported.

"However, MediSecure is unable to identify the specific impacted individuals despite making all reasonable efforts to do so due to the complexity of the data set," it added.

The kinds of leaked information include but are not limited to name, date of birth, gender, address, Medicare card number, as well as prescription medication.

MediSecure also highlighted an increased likelihood of Australians being targeted by phishing, identity-related crime, and cyber scam activities, given the types of the data impacted.

Having entered into voluntary administration in early June, the company is not a current participant in Australia's digital health network, while Australians can continue to access medicines through the national prescription delivery service eRx.

According to the Australian Department of Home Affairs, the eScript system enabled prescriptions to be delivered from prescribers to a pharmacy of an individual's choice. MediSecure was one of two prescription delivery services operating nationally until last year.

In May 2023, the Australian government finalized a tender for this service, granting it solely to another company Fred IT Group's eRx Script Exchange (eRx), which remains untouched by the MediSecure cyber attack.

Australian Broadcasting Corporation commented that with 12.9 million people having their personal data compromised, the incident marks "one of the largest cyber breaches in Australian history."

 

 

  

Top Stories


Leave a Comment

Title: Massive data breach compromises health information of 12.9 million Australians



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.