Ransomware Attack on Australian eScripts Provider Affects 12.9 Million Australians
A ransomware attack on the Australian electronic prescription service provider MediSecure resulted in the theft of 6.5TB of data, including the sensitive data of up to 12.9 million Australians – around half of Australia’s population. That makes this the largest data breach in the country so far this year and one of the top 5 Australian data breaches of all time.
The attack was identified on April 13, 2024; however, it has taken some time to determine the extent of the data breach. MediSecure said it was possible to reconstruct the affected server from a backup and all reasonable efforts have been made to identify the affected individuals and the data involved. That process has been incredibly time-consuming as the server contained an extremely large volume of semi-structured and unstructured data across a variety of different data sets.
The data in the backup related to individuals who used MediSecure for prescription delivery between March 2019 and November 2023 and included names, contact information, Medicare and concession card information, and prescription information. At the time of the attack, MediSecure did not have any connections to the prescribing and dispensing of medications.
MediSecure went into administration following the hack, and the administrators recently confirmed that the exact number of individuals affected and specific data elements involved may never be known, as it is not practicable to specifically identify the affected individuals and the exact information that was compromised in the attack.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
Since MediSecure has gone into administration, there are insufficient resources available to allow the public to make inquiries about whether their data was compromised and MediSecure is not in a financial position where it can cover the cost. MediSecure attempted to get a bailout from the Australian government to allow it to continue to operate but the request was refused.
A sample of the stolen data was posted on the dark web by the threat actor behind the attack and cyber threat analysts believe the stolen data has already been sold. The data was originally listed with a price tag of $50,000 and the original listing now says the data has been sold. The same data has allegedly been relisted by the buyer and offered at the discounted price of $25,000. The Australian National Cyber Security Coordinator has issued a warning to all the affected individuals about the threat of scams and misuse of their data.
