Digital prescription supplier MediSecure in Australia has shut down its web site and telephone traces following a ransomware assault believed to originate from a third-party vendor.
The incident has impacted private and well being data of people however the extent stays unclear presently.
Working since 2009, MediSecure gives digital instruments to healthcare professionals to handle and dispense drugs to sufferers.
The corporate has issued thousands and thousands of eScripts through its non-public and the state-backed eRx techniques. Till November 2009, it was one of many two two paperless script networks in Australia.
Right this moment, the corporate introduced that it has been not directly impacted by a cybersecurity incident on one in every of its service suppliers, that has resulted in a data breach.
“MediSecure has recognized a cyber security incident impacting the non-public and well being data of people. We’ve taken speedy steps to mitigate any potential affect on our techniques,” reads the general public assertion.
An investigation has began and “early indicators counsel the incident originated from one in every of our third-party distributors,” the corporate says.
The group has knowledgeable key regulators in Australia, together with the Workplace of the Australian Data Commissioner, and is working with the Nationwide Cyber Safety Coordinator (NCSC) to mitigate the affect of the cyberattack.
In a brief announcement, the Australian NCSC stated that “a business well being data organisation” reported being “the sufferer of a large-scale ransomware data breach incident.”
“Yesterday afternoon I used to be suggested by a business well being data organisation that it was the sufferer of a large-scale ransomware data breach incident. I’m working with businesses throughout the Australian Authorities, states and territories to coordinate a whole-of-government response to this incident.” – NCSC
Though MediSecure didn’t point out a ransomware assault, The Australian Monetary Evaluate and ABC [1, 2] report that the corporate behind the NCSC’s announcement was MediSecure.
The NCSC famous that the investigations is in too early a stage to have the ability to share any helpful particulars concerning the affect this cybersecurity incident has on the Australian inhabitants.
The worst healthcare-related data breach incident in Australia’s latest historical past is that of Medibank that was breached by the REvil ransomware gang in October 2022.
That breach compromised the knowledge of practically 9.7 million Medibank and included personally identifiable particulars, contact, and healthcare knowledge.