Health data breach Electronic prescription provider MediSecure victim of largescale data breach personal and health information at risk
Electronic prescription provider MediSecure victim of 'large-scale' data breach, 'personal and health information' at risk
By Daniel Jeffrey
4:29pm May 16, 2024
Play Video
Electronic prescription provider hit by 'large-scale' data breach
Electronic prescription provider hit by 'large-scale' data breachNOW
Electronic prescription provider hit by 'large-scale' data breach
Police release helicopter vision of alleged stolen car
Police release helicopter vision of alleged stolen car
Rare footage of squid ‘attacking’ camera captured
Rare footage of squid ‘attacking’ camera captured
Five arrested, $2.5 million in drugs seized in major police operation
Five arrested, $2.5 million in drugs seized in major police operation
Two tobacco stores firebombed in Melbourne
Two tobacco stores firebombed in Melbourne
Woman, baby safe after alleged abduction over laptops
Woman, baby safe after alleged abduction over laptops
Police charge three A-league footballers over alleged betting plot
Police charge three A-league footballers over alleged betting plot
A-League players arrested in Sydney
A-League players arrested in Sydney
Woman and baby safe after abduction from Melbourne car park
Woman and baby safe after abduction from Melbourne car park
Police investigate separate tobacco store fires in Melbourne
Police investigate separate tobacco store fires in Melbourne
Family cheers after amazing news from 11-year-old cancer patient
Family cheers after amazing news from 11-year-old cancer patient
Coastal boardwalk touted as tourist drawcard
Coastal boardwalk touted as tourist drawcard
Bill Shorten and Peter Dutton clash over Opposition's response to federal budget
Bill Shorten and Peter Dutton clash over Opposition's response to federal budget
240517-8AM-HOUSEPRICES_2024-05-16T22-14-40.mp4
240517-8AM-HOUSEPRICES_2024-05-16T22-14-40.mp4
240517-730-SPORTSHOMOPHOBIA_2024-05-16T21-37-45.mp4
240517-730-SPORTSHOMOPHOBIA_2024-05-16T21-37-45.mp4
CCTV footage released before fatal hit-run in Melbourne
CCTV footage released before fatal hit-run in Melbourne
Police searching for suspects after man shot in the neck during a violent robbery in Queensland
Police searching for suspects after man shot in the neck during a violent robbery in Queensland
Mining company’s impact on WA catchments revealed
Mining company’s impact on WA catchments revealed
Commuters 'very scared' after man allegedly hit Perth bus with axe
Commuters 'very scared' after man allegedly hit Perth bus with axe
Opposition Leader Peter Dutton delivers budget reply speech
Opposition Leader Peter Dutton delivers budget reply speech
Great-grandmother embraced by Magpies after ugly e-scooter incident
Great-grandmother embraced by Magpies after ugly e-scooter incident
The Melbourne cafe that still sells coffee for $2.50
The Melbourne cafe that still sells coffee for $2.50
How men can help lead change to domestic violence
How men can help lead change to domestic violence
SA education curriculum set to change under new plan
SA education curriculum set to change under new plan
Tweet
Facebook
Mail
Electronic prescription provider MediSecure has fallen victim to a "large scale" data breach, potentially putting Australians' private medical information at risk and sparking a national approach from the federal government.
The company released a statement on its website – which is now otherwise inactive – this afternoon confirming the breach involved "personal and health information".
"We have taken immediate steps to mitigate any potential impact on our systems," it said.
READ MORE: Reserve Bank debunks popular rental crisis myth
The statement posted by MediSecure.
The statement posted by MediSecure. (MediSecure)
"While we continue to gather more information, early indicators suggest the incident originated from one of our third-party vendors."
The company provided a system to allow healthcare professionals like GPs to send prescriptions to patients electronically.
Its logo contains the tagline: "eScripts. Sent. Secure. Safe."
It has not been used since November 15 for new electronic prescriptions after the federal Health Department made eRx the sole e-script provider but has remained online for patients to access existing documents.
MediSecure company said it had contacted government agencies and is helping them "manage the impacts of the incident".
"MediSecure understands the importance of transparency and will provide further updates via our website as soon as more information becomes available," it said.
"We appreciate your patience and understanding during this time."
The National Cyber Security Coordinator said earlier today it was informed by MediSecure of the incident yesterday.
"Yesterday afternoon I was advised by a commercial health information organisation that it was the victim of a large-scale ransomware data breach incident," Cyber Security Coordinator Lieutenant-General Michelle McGuinness said in a statement.
READ MORE: Unemployment rate increases, dulling chance of rate hike
Australian Federal Police are investigating the cyber incident. (9News)
"I am working with agencies across the Australian government, states and territories to coordinate a whole-of-government response to this incident.
"The Cyber Security Centre is aware of the incident and the Australian Federal Police (are) investigating."
Federal Cyber Security Minister Clare O'Neil said the government is responding to the data breach.
"I have been briefed on this incident in recent days and the government convened a National Coordination Mechanism regarding this matter today," she said this afternoon.
"Michelle McGuinness is leading work across the Australian government to support the company in managing this large-scale ransomware incident.
"Updates will be provided in due course. Speculation at this stage risks undermining significant work underway to support the company's response."
READ MORE: This family spends $2.5k every week. It doesn't need to be like that
Yesterday afternoon I was advised by a commercial health information organisation that it was the victim of a large-scale ransomware data breach incident.
I am working with agencies across the Australian Government, states and territories to coordinate a whole-of-government… pic.twitter.com/mool7LNLRZ
— National Cyber Security Coordinator (@AUCyberSecCoord) May 16, 2024
McGuinness said the investigation was still in its early stages, and more updates will be provided soon.
"We are in the very preliminary stages of our response and there is limited detail to share at this stage," she said.
"But I will continue to provide updates as we progress while working closely with the affected commercial organisation to address the impacts caused by the incident."
Full statement from MediSecure
Cyber security incident/data breach
MediSecure has identified a cyber security incident impacting the personal and health information of individuals. We have taken immediate steps to mitigate any potential impact on our systems.
While we continue to gather more information, early indicators suggest the incident originated from one of our third-party vendors.
MediSecure takes its legal and ethical obligations seriously and appreciate this information will be of concern. MediSecure is actively assisting the Australian Digital Health Agency and the National Cyber Security Coordinator to manage the impacts of the incident. MediSecure has also notified the Office of the Australian Information Commissioner and other key regulators.
By Daniel Jeffrey
4:29pm May 16, 2024
Play Video
Electronic prescription provider hit by 'large-scale' data breach
Electronic prescription provider hit by 'large-scale' data breachNOW
Electronic prescription provider hit by 'large-scale' data breach
Police release helicopter vision of alleged stolen car
Police release helicopter vision of alleged stolen car
Rare footage of squid ‘attacking’ camera captured
Rare footage of squid ‘attacking’ camera captured
Five arrested, $2.5 million in drugs seized in major police operation
Five arrested, $2.5 million in drugs seized in major police operation
Two tobacco stores firebombed in Melbourne
Two tobacco stores firebombed in Melbourne
Woman, baby safe after alleged abduction over laptops
Woman, baby safe after alleged abduction over laptops
Police charge three A-league footballers over alleged betting plot
Police charge three A-league footballers over alleged betting plot
A-League players arrested in Sydney
A-League players arrested in Sydney
Woman and baby safe after abduction from Melbourne car park
Woman and baby safe after abduction from Melbourne car park
Police investigate separate tobacco store fires in Melbourne
Police investigate separate tobacco store fires in Melbourne
Family cheers after amazing news from 11-year-old cancer patient
Family cheers after amazing news from 11-year-old cancer patient
Coastal boardwalk touted as tourist drawcard
Coastal boardwalk touted as tourist drawcard
Bill Shorten and Peter Dutton clash over Opposition's response to federal budget
Bill Shorten and Peter Dutton clash over Opposition's response to federal budget
240517-8AM-HOUSEPRICES_2024-05-16T22-14-40.mp4
240517-8AM-HOUSEPRICES_2024-05-16T22-14-40.mp4
240517-730-SPORTSHOMOPHOBIA_2024-05-16T21-37-45.mp4
240517-730-SPORTSHOMOPHOBIA_2024-05-16T21-37-45.mp4
CCTV footage released before fatal hit-run in Melbourne
CCTV footage released before fatal hit-run in Melbourne
Police searching for suspects after man shot in the neck during a violent robbery in Queensland
Police searching for suspects after man shot in the neck during a violent robbery in Queensland
Mining company’s impact on WA catchments revealed
Mining company’s impact on WA catchments revealed
Commuters 'very scared' after man allegedly hit Perth bus with axe
Commuters 'very scared' after man allegedly hit Perth bus with axe
Opposition Leader Peter Dutton delivers budget reply speech
Opposition Leader Peter Dutton delivers budget reply speech
Great-grandmother embraced by Magpies after ugly e-scooter incident
Great-grandmother embraced by Magpies after ugly e-scooter incident
The Melbourne cafe that still sells coffee for $2.50
The Melbourne cafe that still sells coffee for $2.50
How men can help lead change to domestic violence
How men can help lead change to domestic violence
SA education curriculum set to change under new plan
SA education curriculum set to change under new plan
Tweet
Electronic prescription provider MediSecure has fallen victim to a "large scale" data breach, potentially putting Australians' private medical information at risk and sparking a national approach from the federal government.
The company released a statement on its website – which is now otherwise inactive – this afternoon confirming the breach involved "personal and health information".
"We have taken immediate steps to mitigate any potential impact on our systems," it said.
READ MORE: Reserve Bank debunks popular rental crisis myth
The statement posted by MediSecure.
The statement posted by MediSecure. (MediSecure)
"While we continue to gather more information, early indicators suggest the incident originated from one of our third-party vendors."
The company provided a system to allow healthcare professionals like GPs to send prescriptions to patients electronically.
Its logo contains the tagline: "eScripts. Sent. Secure. Safe."
It has not been used since November 15 for new electronic prescriptions after the federal Health Department made eRx the sole e-script provider but has remained online for patients to access existing documents.
MediSecure company said it had contacted government agencies and is helping them "manage the impacts of the incident".
"MediSecure understands the importance of transparency and will provide further updates via our website as soon as more information becomes available," it said.
"We appreciate your patience and understanding during this time."
The National Cyber Security Coordinator said earlier today it was informed by MediSecure of the incident yesterday.
"Yesterday afternoon I was advised by a commercial health information organisation that it was the victim of a large-scale ransomware data breach incident," Cyber Security Coordinator Lieutenant-General Michelle McGuinness said in a statement.
READ MORE: Unemployment rate increases, dulling chance of rate hike
Australian Federal Police are investigating the cyber incident. (9News)
"I am working with agencies across the Australian government, states and territories to coordinate a whole-of-government response to this incident.
"The Cyber Security Centre is aware of the incident and the Australian Federal Police (are) investigating."
Federal Cyber Security Minister Clare O'Neil said the government is responding to the data breach.
"I have been briefed on this incident in recent days and the government convened a National Coordination Mechanism regarding this matter today," she said this afternoon.
"Michelle McGuinness is leading work across the Australian government to support the company in managing this large-scale ransomware incident.
"Updates will be provided in due course. Speculation at this stage risks undermining significant work underway to support the company's response."
READ MORE: This family spends $2.5k every week. It doesn't need to be like that
Yesterday afternoon I was advised by a commercial health information organisation that it was the victim of a large-scale ransomware data breach incident.
I am working with agencies across the Australian Government, states and territories to coordinate a whole-of-government… pic.twitter.com/mool7LNLRZ
— National Cyber Security Coordinator (@AUCyberSecCoord) May 16, 2024
McGuinness said the investigation was still in its early stages, and more updates will be provided soon.
"We are in the very preliminary stages of our response and there is limited detail to share at this stage," she said.
"But I will continue to provide updates as we progress while working closely with the affected commercial organisation to address the impacts caused by the incident."
Full statement from MediSecure
Cyber security incident/data breach
MediSecure has identified a cyber security incident impacting the personal and health information of individuals. We have taken immediate steps to mitigate any potential impact on our systems.
While we continue to gather more information, early indicators suggest the incident originated from one of our third-party vendors.
MediSecure takes its legal and ethical obligations seriously and appreciate this information will be of concern. MediSecure is actively assisting the Australian Digital Health Agency and the National Cyber Security Coordinator to manage the impacts of the incident. MediSecure has also notified the Office of the Australian Information Commissioner and other key regulators.
