MediSecure data breach following ransomware attack affects millions of patients

Almost 13 million people have had sensitive information stolen

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

A recent ransomware attack against healthcare firm MediSecure resulted in the theft of sensitive data belonging to almost 13 million people, the company has confirmed.

Australian prescription delivery service provider MediSecure suffered aransomwareattack in April 2023, notifying the public a month later, saying it suffered a “cyber security incident”, bringing in third-party cybersecurity experts, and notified the relevant authorities.

Now, after concluding its investigation, the company confirmed that the attackers stole personally identifiable information (PII) on approximately 12.9 million people.

Names, addresses, and phone numbers

“MediSecure can confirm that approximately 12.9 million Australians who used the MediSecure prescription delivery service during the approximate period of March 2019 to November 2023 are impacted by this Incident based on individuals’ healthcare identifiers. However, MediSecure is unable to identify the specific impacted individuals despite making all reasonable efforts to do so due to the complexity of the data set.”

Being unable to identify the specific impacted individuals is rather curious, since the information stolen includes people’s names, dates of birth, postal addresses, phone numbers, email addresses, individual healthcare identifiers (IHI), Medicare card numbers, prescription medication details, the reason for the prescription and instructions on how to use the drugs.

Furthermore, the archive includes Pensioner Concession, Commonwealth Seniors, Healthcare Concession, and Department of Veterans’ Affairs (DVA) (Gold, White, Orange) card numbers.

Usually, law enforcement agencies will advise organizations against paying the ransom in exchange for the decryption key. Instead, they suggest firms keep fresh backups at hand, at all times, to be able to restore their systems swiftly, and resume operations as soon as possible. MediSecure seems to have done just that, as it said that on 17 May it “successfully restored a complete backup of the server”.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

ViaBleepingComputer

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Cisco issues patch to fix serious flaw allowing possible industrial systems takeover

Washington state court systems taken offline following cyberattack

Google TV will require more RAM for future upgrades – which might leave older TVs and streaming boxes behind