Digital prescription supplier MediSecure in Australia has shut down its web site and cellphone strains following a ransomware assault believed to originate from a third-party vendor.
The incident has impacted private and well being data of people however the extent stays unclear at the moment.
Working since 2009, MediSecure gives digital instruments to healthcare professionals to handle and dispense medicines to sufferers.
The corporate has issued hundreds of thousands of eScripts by way of its personal and the state-backed eRx techniques. Till November 2009, it was one of many two two paperless script networks in Australia.
Right now, the corporate introduced that it has been not directly impacted by a cybersecurity incident on one in all its service suppliers, that has resulted in an information breach.
“MediSecure has identified a cyber security incident impacting the personal and health information of individuals. We have taken immediate steps to mitigate any potential impact on our systems,” reads the general public assertion.
An investigation has began and “early indicators counsel the incident originated from one in all our third-party distributors,” the corporate says.
The group has knowledgeable key regulators in Australia, together with the Workplace of the Australian Data Commissioner, and is working with the Nationwide Cyber Security Coordinator (NCSC) to mitigate the affect of the cyberattack.
In a brief announcement, the Australian NCSC mentioned that “a commercial health information organisation” reported being “the victim of a large-scale ransomware data breach incident.”
“Yesterday afternoon I was advised by a commercial health information organisation that it was the victim of a large-scale ransomware data breach incident. I am working with agencies across the Australian Government, states and territories to coordinate a whole-of-government response to this incident.” – NCSC
Though MediSecure didn’t point out a ransomware assault, The Australian Monetary Evaluation and ABC [1, 2] report that the corporate behind the NCSC’s announcement was MediSecure.
The NCSC famous that the investigations is in too early a stage to have the ability to share any helpful particulars concerning the affect this cybersecurity incident has on the Australian inhabitants.
The worst healthcare-related knowledge breach incident in Australia’s current historical past is that of Medibank that was breached by the REvil ransomware gang in October 2022.
That breach compromised the knowledge of practically 9.7 million Medibank and included personally identifiable particulars, contact, and healthcare knowledge.
