At least 12.9 million Australians had their data stolen in the MediSecure hack earlier this year. But the eScripts provider now says it is unable to identify specific individuals affected in what is one of the largest breaches in the nation’s history.
Key Takeaways
- MediSecure, an eScript provider, was the victim of a ransomware attack.
- The breach continued until November 2023, although it was confirmed in May 2024.
- 12.9 million Australians had personal data, including sensitive health information, stolen.
- MediSecure went into voluntary administration in June after losing its primary government contract.
- The stolen data includes full names, phone numbers, dates of birth, home addresses, Medicare numbers, and medication details.
- The Australian Federal Police are investigating the breach.
Background
MediSecure, one of Australia’s key eScript providers, facilitates electronic prescriptions and dispensing. The company confirmed a ransomware attack in May 2024, but the breach itself occurred earlier and persisted until November 2023.
Despite efforts, MediSecure says it could not identify the specific impacted individuals due to the complexity of the data set and the cost of such an undertaking was also beyond its financial capabilities.
The breach led to the exposure of 6.5 terabytes of data, which included personal and sensitive health information. While credit card details were not compromised, the breadth of other personal data has raised new concerns over the country’s cyber security infrastructure.
Crucial quote
“By the time this breach happened, MediSecure had lost its main source of revenue,” said Katherine Mansted, Director of Cyber Intelligence for CyberCX. “That, of course, has complicated the response to this incident.”
Big number
12.9 million – The number of Australians affected by the MediSecure data breach, marking it as one of the largest cyber security incidents in the nation’s history.
Are you – or is someone you know -creating the next Afterpay or Canva? Nominations are open for Forbes Australia’s first 30 under 30 list. Entries close midnight, July 31, 2024.
Look back on the week that was with hand-picked articles from Australia and around the world. Sign up to the Forbes Australia newsletter here or become a member here.
