Cyber Incident Victim: MediSecure
Date:
May 2024
Location:
Australia
Summary
A ransomware attack compromised personal and health information through a third-party vendor breach at MediSecure, an electronic prescription service provider. The incident prompted immediate mitigation efforts and coordination with Australian government agencies, including the National Cyber Security Coordinator, Australian Digital Health Agency, and federal police. While the exact scope of compromised data remains unclear, the company previously handled publicly funded electronic prescriptions before transitioning to private services following a contract loss. Authorities are investigating the large-scale breach, urging against speculation to avoid undermining response efforts, as stakeholders seek transparency to maintain trust in critical health systems.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On May 16, 2024, MediSecure, an Australian electronic prescription exchange service, publicly disclosed a cybersecurity incident impacting personal and health information of individuals. The company identified the breach as a "large-scale ransomware" attack, according to government sources, and took immediate steps to mitigate potential impacts on its systems. Early indicators suggested the incident originated from a third-party vendor, though specific details about the vendor or initial attack vector were not disclosed. MediSecure's website became inaccessible following the breach, replaced solely by a brief statement acknowledging the incident. The company ceased operations as a government-contracted provider of Pharmaceutical Benefits Scheme (PBS) e-script services in late 2023 after the federal government awarded exclusive tender rights to competitor eRx, though it continued processing private prescriptions. In October 2023, the Australian Competition and Consumer Commission (ACCC) authorized MediSecure to transfer all publicly funded electronic prescriptions and data to eRx, but the relationship between this transition and the breach remains unspecified.
National Cyber Security Coordinator Michelle McGuinness confirmed coordination of a whole-of-government response involving federal agencies, state governments, and the Australian Digital Health Agency. The Australian Federal Police engaged in investigative efforts alongside these entities. MediSecure formally notified the Office of the Australian Information Commissioner and other regulators, though the specific categories of compromised data, number of affected individuals, and timeframe of unauthorized access remained undetermined at the time of reporting. Cyber Security Minister Clare O'Neil convened a national coordination mechanism while cautioning against speculation that might undermine response efforts. The Australian Medical Association requested urgent briefings, emphasizing the necessity for transparent investigation and clear communication to preserve public trust in health systems. MediSecure committed to providing further updates through its website as information became available but remained unreachable for direct inquiries following the breach disclosure.