Australian digital prescription services provider MediSecure has confirmed that the personal and health information of 12.9 million individuals was stolen in an April 2024 ransomware attack.
The incident, which came to light in May, involved a database server containing the sensitive information of individuals who received services from MediSecure between March 2019 and November 2023.
“MediSecure is unable to identify the specific impacted individuals despite making all reasonable efforts to do so due to the complexity of the data set,” the company said in an updated incident notice.
According to the company, the server hosted semi-structured and unstructured data across multiple data sets, which made identifying the affected individuals not practicable without “incurring substantial cost that MediSecure was not in a financial position to meet”.
The attackers stole 6.5 terabytes of data before deploying the file-encrypting ransomware, but MediSecure was able to restore it using a clean backup.
The potentially stolen information, the company says, includes names, dates of birth, gender, addresses, phone numbers, email addresses, individual healthcare identifiers, Medicare card numbers and individual identifiers, prescription medication, and Pensioner Concession, Commonwealth Seniors, Healthcare Concession, Department of Veterans’ Affairs (DVA) card numbers and expiry.
“The types of information impacted may increase the likelihood of Australians being targeted by phishing, identity-related crime and cyber scam activities,” MediSecure said.
MediSecure urged individuals to refrain from searching for the stolen information on the dark web, as this would “encourage the criminal activity that has led to this incident and may further the potential harm to Australians impacted”.
On May 23, a threat actor posted on an underground forum under the name of Ansgar claiming to be in the possession of data stolen from MediSecure and to be offering it to interested buyers, for $50,000.
The company also underlined that the incident did not affect the prescription delivery services in Australia, which has been provided by eRx since November 2023.
“MediSecure would like to reiterate it is not a current participant in Australia’s digital health network. At the time of the Incident, MediSecure did not have any connections to the prescribing and dispensing of medications,” the company said.
“Prescriptions continue to work as normal. People should keep accessing their medications and filling their prescriptions. This includes prescriptions (paper and electronic) that may have been issued up until November 2023,” Australia’s Department of Home Affairs said on Thursday.
Related: MNGI Digestive Health Data Breach Impacts 765,000 Individuals
Related: UnitedHealth Sticks to 2024 Outlook Despite Strong Quarter With Costs From Massive Cyberattack High
Related: Data of Millions of mSpy Customers Leaked Online
Related: Eyeglass Reflections Can Leak Information During Video Calls
