MediSecure Data Breach Affects 13 Million Australians
MediSecure, a prescription delivery service, has suffered a major data breach, impacting nearly 13 million Australians. The incident, which occurred in May 2024, involved sensitive personal and health information stored between March 2019 and November 2023. The company has been working with the Australian government to notify those affected but has been denied funding for response costs.
The breach was caused by a ransomware attack via a third-party supplier, with over 6.5TB of data offered for sale on the dark web for $50,000. The stolen data includes full names, dates of birth, genders, email addresses, home addresses, phone numbers, and prescription medication details, as well as healthcare identifiers. MediSecure has warned of potential phishing, identity-related crime, and cyber scam activities targeting Australians.
MediSecure entered voluntary administration in June 2024, appointing liquidators. Despite the large volume and variety of data, the company was unable to specifically identify all impacted individuals. Australia's Department of Home Affairs confirmed that the national prescription delivery service, eRx, has not been affected by the incident.
The cyber-attack on MediSecure has raised serious concerns about data security and privacy. With nearly 13 million Australians' personal and health data compromised, the incident highlights the need for robust cybersecurity measures. Those potentially affected should remain vigilant and report any suspicious activity to relevant authorities.
