MediSecure e-script firm hit by ‘large-scale’ ransomware data breach
Electronic prescription provider MediSecure in Australia has shut down its website and phone lines following a ransomware attack believed to originate from a third-party vendor.
The incident has impacted personal and health information of individuals but the extent remains unclear at this time.
Operating since 2009, MediSecure provides digital tools to healthcare professionals to manage and dispense medications to patients.
The company has issued millions of eScripts via its private and the state-backed eRx systems. Until November 2009, it was one of the two two paperless script networks in Australia.
Today, the company announced that it has been indirectly impacted by a cybersecurity incident on one of its service providers, that has resulted in a data breach.
“MediSecure has identified a cyber security incident impacting the personal and health information of individuals. We have taken immediate steps to mitigate any potential impact on our systems,” reads the public statement.
An investigation has started and "early indicators suggest the incident originated from one of our third-party vendors,” the company says.
The organization has informed key regulators in Australia, including the Office of the Australian Information Commissioner, and is working with the National Cyber Security Coordinator (NCSC) to mitigate the impact of the cyberattack.
In a short announcement, the Australian NCSC said that "a commercial health information organisation" reported being "the victim of a large-scale ransomware data breach incident."
Although MediSecure did not mention a ransomware attack, The Australian Financial Review and ABC [1, 2] report that the company behind the NCSC's announcement was MediSecure.
The NCSC noted that the investigations is in too early a stage to be able to share any useful details about the impact this cybersecurity incident has on the Australian population.
The worst healthcare-related data breach incident in Australia’s recent history is that of Medibank that was breached by the REvil ransomware gang in October 2022.
That breach compromised the information of nearly 9.7 million Medibank and included personally identifiable details, contact, and healthcare data.
source: BleepingComputer
Free security scan for your website
Top News:
Google Chrome uses AI to analyze pages in new scam detection feature
December 21, 2024CISA orders federal agencies to secure Microsoft 365 tenants
December 18, 2024Recorded Future CEO applauds "undesirable" designation by Russia
December 19, 2024Five lesser known Task Manager features in Windows 11
December 25, 2024DDoS Attacks Surge as Africa Expands Its Digital Footprint
December 26, 2024