How did MediSecure respond to the ransomware attack?

MediSecure has taken its website offline and halted phone services. The company stopped issuing new electronic prescriptions following a federal Health Department directive that made eRx the sole e-script provider. However, existing documents remain accessible to patients online.

Who is MediSecure collaborating with to manage the breach?

MediSecure is collaborating with the Australian Digital Health Agency and the National Cyber Security Coordinator to manage the breach's effects. The company has also informed key regulators, including the Office of the Australian Information Commissioner.

Has any ransomware group claimed responsibility for the attack on MediSecure?

So far, no ransomware group has claimed responsibility for the attack, and no data has been reported online.

What information is known about the data compromised in the MediSecure breach?

No details have been disclosed about the nature of the attack, the types of data compromised, or the number of affected individuals. MediSecure has promised transparency and further updates as more information becomes available.

Incident

Australian online prescription provider MediSecure hit by massive ransomware attack

Q: What happened in the MediSecure data breach?

MediSecure, an Australian e-script provider, was hit by a ransomware attack and data breach that compromised the personal and health information of individuals. The breach likely originated from a third-party vendor.

published: May 16, 2024

Learn More

MediSecure, an Australian e-script provider, is hit by a ransomware attack and data breach that compromised the personal and health information of individuals.

The incident was confirmed by the Australian national cyber security coordinator on Thursday. MediSecure, which facilitates electronic prescribing and dispensing of prescriptions, reported that the breach likely originated from a third-party vendor.

MediSecure has taken its website offline and halted phone services. The company has also stopped issuing new electronic prescriptions since November 15, following a federal Health Department directive that made eRx the sole e-script provider. However, existing documents remain accessible to patients online.

The company is actively collaborating with the Australian Digital Health Agency and the National Cyber Security Coordinator to manage the breach's effects and has informed key regulators, including the Office of the Australian Information Commissioner.

No details are disclosed about the nature of the attack, the types of data compromised or number of affected individuals.

Update - as of 18th of May 2024 it was confirmed that personal data relating to prescriptions created before November 2023, on the MediSecure eScript system, was exposed by the breach. This confirmation doesn't include the number of affected individuals.

On May 24, 2024, MediSecure confirmed that a dataset containing the personal information and limited health data of its customers was published on a dark web forum by a cybercriminal group. The breach also includes data on healthcare providers. The exposed data is being offered for sale at $50,000 for over 6.5TB.

Exposed Data Includes:

Personal information of customers
Limited health information related to prescriptions
Personal information of healthcare providers

As of 17th of July 2024, MediSecure reports that the personal data of 12.9 million Australians was stolen by hackers. MediSecure, which entered bankruptcy in June 2024, could not identify specific impacted individuals due to the data's complexity and high analysis costs. A request for a government bailout was denied, and the company's financial situation prevents it from responding to potential victims.

Australian online prescription provider MediSecure hit by massive ransomware attack

Read More
US Federal contractor Opexus hit by insider threat …
Mendocino County Office of Education reports suspected Ransomware …
Calgary Public Library closes all locations due to …
Western Isles Council in Scotland reports ransomware attack
City of St. Cloud reports ransomware attack