A data breach of personal and medical information has made cybercrime victims of 12.9 million people.
The huge data breach has impacted customers of the Australian healthcare provider MediSecure. The information exposed is connected to prescriptions distributed by the company’s systems from March 2019 to November 2023.
The Australian Government is urging people who think they have been impacted to be “alert for scams”. The Australian Federal Police are now investigating.
Nature and Extent of the Breach
The extent of the breach was revealed to the public in May, and MediSecure, reeling from the attack, has now gone into administration.
The company was one of two that operated a prescription delivery service in Australia up until late 2023. However, it lost the contract to a rival.
In its time operating, it held personal and sensitive information, including contact and health information, of millions of Australians. It was this data that was “stolen by a malicious third-party actor”
🔎 Want to browse the web privately? 🌎 Or appear as if you're in another country?
Get a huge 86% off Surfshark with this special tech.co offer.
The company has continued to update customers and in a statement on May 31 said that the data set “had been made available on a dark web forum” The company urged caution from the public, saying: “We urge Australians to not go looking for this data. Accessing stolen sensitive or personal information on the dark web only promotes future cyber-criminal activities against Australian businesses.”
What Can Customers Do?
In a statement, the Department of Home Affairs has now laid out the details of the breach. But it has also provided information as to where possible victims can get guidance on everything from spotting scams to protecting their personal information. It is also aware that the nature of the attack might distress some people; and mental health support is available.
It adds that the national prescription service has not been affected and healthcare providers can still prescribe and dispense medicines.
The news comes as another major healthcare provider – this time in the US – is still counting the cost of a breach.
The ransomware attack on Change Healthcare may impact as many as a third of Americans. This would be a catastrophic 110 million individuals. This dwarfs the Anthem attack of 2015, which involved the records of 78.8 million people.
According to The HIPAA Journal, the cost of the response to February’s attack on Change Healthcare is now predicted to be between $2.3 billion and $2.45 billion. However, the expense of notifying all customers hasn’t been included in this.
Both attacks have left millions of people rightly concerned that their personal information is available to bad agents who will repeatedly use it to try and scam them. Both will have also seriously dented the public’s confidence in the medical providers who have access to the most personal of our details.
