A devastating cyber security incident has struck MediSecure, a prescription delivery service provider, exposing the personal and sensitive information of approximately 12.9 million Australians.
The incident, which occurred between March 2019 and November 2023, involved the theft of data by a malicious third-party actor.
On April 13, 2024, MediSecure discovered that a database server had been encrypted by suspected ransomware. Immediate actions were taken to secure the IT environment and investigate the cause of the unauthorized access.
The investigation revealed that the malicious actor likely exfiltrated 6.5TB of data, although the encrypted server could not be examined to determine the specific information accessed.
Types of Stolen Data
The data breach has exposed a wide range of personal and sensitive information, including:
- The breached data includes:
- Full name
- Title
- Date of birth
- Gender
- Email address
- Address
- Phone number
- Individual healthcare identifier (IHI)
- Medicare card number and expiry
- Pensioner Concession card number and expiry
- Commonwealth Seniors card number and expiry
- Healthcare Concession card number and expiry
- Department of Veterans’ Affairs (DVA) card number and expiry
- Prescription medication details
- Reason for prescription and instructions
MediSecure has implored individuals and organizations not to search for the stolen data on the dark web, as doing so may encourage further criminal activity and potentially cause harm to the affected Australians. Dealing in stolen personal information is also an offense, punishable by up to 5 years’ imprisonment.
The Department of Home Affairs has set up a dedicated webpage to provide information and resources related to the MediSecure cyber security incident.
Affected individuals are encouraged to visit the webpage and utilize the resources provided by various government agencies and organizations, including the Office of the Australian Information Commissioner (OAIC), IDMatch, Scamwatch, Australian Signals Directorate (ASD), and ReportCyber.
Mental health support is also available through Lifeline, Kids Helpline, Beyond Blue, MensLine, SANE Helpline, and Headspace.
MediSecure continues to work closely with the National Cyber Security Coordinator, AFP, ASD, and OAIC to respond to the incident in a manner consistent with Australia’s national security interests and the community’s expectations.
The Australian Government report states, “Prescriptions continue to work as normal. People should keep accessing their medications and filling their prescriptions. This includes prescriptions (paper and electronic) that may have been issued up until November 2023”
MediSecure has published a public notice on the nature and extent of the incident. As more information becomes available, updates on the progress of the response will be provided.