The Home Affairs Minister has said the hacked e-prescription firm is taking an “unacceptably long time” to confirm how much data has been compromised following a mid-May hack.
The Minister for Cyber Security, Clare O’Neil, has taken e-prescription firm MediSecure to task over a lack of reporting following a data breach that saw 6.5 terabytes of stolen prescription data leaked onto a Russian hacking forum.
“This week, through the national cyber security coordinator, I asked MediSecure as a matter of urgency to clarify what personal information has been taken from their records, and provide notification to potentially affected people,” Minister O’Neil said.
“It has taken an unacceptably long time for MediSecure to provide clarity on the details of data that may have been stolen from them in the recent data breach.
“At this stage, we do not know the extent of the breach. However, people who may be affected need to be equipped with that knowledge so they can take appropriate precautions.
“I’ve outlined to MediSecure my clear expectation that they get to the bottom of this incident, and communicate that to the public. The public would reasonably expect more regular updates on the progress of that process.”
MediSecure has remained quiet regarding the incident, with the last update on its website dated 24 May, when it confirmed it was aware that a stolen data set was in circulation online.
“MediSecure is aware that a data set containing the personal information and limited health information of our customers has been made available on a dark web forum,” the company said on 24 May.
“We urge Australians to not go looking for this data. Accessing stolen sensitive or personal information on the dark web only promotes future cyber criminal activities against Australian businesses.”
Lieutenant General Michelle McGuinness, the national cyber security coordinator, also warned Australians not to go looking for the data.
“Australians should not go looking for this data. Accessing stolen sensitive or personal information on the dark web only feeds the business model of cyber criminals,” LTGEN McGuinness said on the same day.
“All Australian government agencies involved in the response are aware of the advertisement. Under joint standing arrangements, Operation Aquila, the Australian Federal Police and Australian Signals Directorate are supporting this response.”
MediSecure had requested financial support from the government on 24 May to help cover its operating costs while it dealt with the incident, but that request was denied.
The incident first came to light when the national cyber security coordinator warned of a “large-scale ransomware data breach incident” on 16 May, with MediSecure admitting it was the victim later that afternoon.
On 23 May, a member of a Russian hacking forum posted a sample of the data, which appeared legitimate, and offered up the entire 6.5 terabyte dataset for sale. The asking price was US$50,000.
“Includes information on citizens, insurance numbers, phone numbers, addresses, full names, supplier information, contractor information, emails, user+passwords for MedSecure [sic] website, prescription information (who was prescribed what), IP addresses of visitors to the site and etc,” the poster, called Ansgar, said.
The dataset appears to consist of more than 50 million rows, presumably related to e-prescriptions managed by MediSecure prior to 2023, when it ceased that particular service.
MediSecure has not responded to requests for further comment on the incident.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.