A ransomware attack has compromised MediSecure, a leading Australian script provider facilitating electronic prescribing and dispensing of prescriptions. The MediSecure data breach was reported by the national cyber security coordinator — the healthcare provider believes that the breach stems from a third-party vendor.
The Australian government, through its National Cyber Security Coordinator (NCSC), has shared updates on the MediSecure data breach, initiating a comprehensive investigation and a “whole-of-government response” to address the incident’s ramifications.
Lieutenant General Michelle McGuinness, the national cyber security coordinator, confirmed MediSecure as the victim of this cyberattack in a statement on LinkedIn, describing it as a ‘large-scale ransomware data breach incident.’
Government Response to MediSecure Data Breach
Authorities, including the Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) and the Australian Federal Police (AFP), are actively engaged in probing the MediSecure data breach.
However, details remain scarce as investigators navigate the complexities of the incident. The absence of a known threat actor claiming responsibility further complicates the situation, heightening concerns about the sophistication of cyber threats targeting the healthcare sector.
Cyber Security Minister Clare O’Neil said the government was commited to address the breach, convening a National Coordination Mechanism to coordinate efforts and mitigate the breach’s impact effectively. “I have been briefed on this incident in recent days, and the government convened a National Coordination Mechanism regarding this matter today,” Minister O’Neil said in a LinkedIn post.
“Speculation at this stage risks undermining significant work underway to support the company’s response,” O’Neil added.
The Shadow Home Affairs and Cyber Security Minister James Paterson told Sky News in an interview that the latest breach was a reminder of the currently “dangerous” cyber threat landscape, especially for the health sector.
Paterson said healthcare is a lucrative sector both for cybercriminals and nation-state actors.
“Criminal actors like to use it for ransomware because the health sector is often vulnerable to those targets, and sometimes they do pay. And nation state backed actors use it as an opportunity to gather intelligence and information about us,” Paterson explained.
Australia has been hit in the past few years by some of the largest data breaches in the form of Medibank and Optus data breaches, that impacted millions across Australia. The scope of the current breach is reportedly unlike the earlier ones, but it is still some of the most personally and privately significant information that exists about a person, Paterson said.
“This is very distressing for Australians when it is released publicly. And it is important that the federal government get on top of this straight away and do whatever they can to stop the proliferation of this information online,” he added.
MediSecure has taken proactive measures, including taking its website offline, as it works to contain the breach’s fallout. In a statement, the company acknowledged the incident and stated, “We have taken immediate steps to mitigate any potential impact on our systems. While we continue to gather more information, early indicators suggest the incident originated from one of our third-party vendors”, reads the statement.
The Cyber Express has reached out to MediSecure to learn more about this data breach. However, at the time of writing this, no official statement or response has been shared.
The organization did share a statement on its website, stating “MediSecure understands the importance of transparency and will provide further updates via our website as soon as more information becomes available. We appreciate your patience and understanding during this time.”
Cyberattacks on the Healthcare Sector
This cyberattack on MediSecure echoes previous breaches in Australia’s healthcare sector, including the 2022 data breach involving Medibank, which compromised the personal data of millions of Australians. In 2023, healthcare organizations globally faced an unprecedented wave of cyberattacks, affecting over 116 million individuals in the US alone, more than double the previous year’s count.
Notable incidents include data breaches at Delta Dental of California, Fred Hutch Cancer Center, Norton Healthcare, and HCA Healthcare, among others. German hospitals also fell victim to ransomware attacks, disrupting medical services.
The European Union Agency for Cybersecurity reported that the majority of attacks targeted healthcare providers, with financial motives driving 83% of incidents. India witnessed a surge in cybercrime, with significant financial losses and high-profile attacks during the G20 summit.
The recurrence of such incidents highlights the persistent cybersecurity vulnerabilities plaguing the healthcare industry, necessitating comprehensive strategies to fortify defenses against evolving cyber threats.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
