Cyber Threat Radar – Online prescription company, MediSecure, has stated that a significant healthcare data breach may have been the result of actions taken by one of its third-party vendors.
MediSecure, an Australian digital prescription company, has closed its website and phone lines due to a significant ransomware attack. The Melbourne-based health provider released a statement on its website acknowledging a cybersecurity incident that has compromised the personal and health information of its customers. MediSecure stated that it is collaborating with cyber authorities to address the situation.
The company has issued the following statement on its website:
- MediSecure has identified a cyber security incident impacting the personal and health information of individuals. We have taken immediate steps to mitigate any potential impact on our systems.
- While we continue to gather more information, early indicators suggest the incident originated from one of our third-party vendors.
- MediSecure takes its legal and ethical obligations seriously and appreciate this information will be of concern. MediSecure is actively assisting the National Cyber Security Coordinator to manage the impacts of the incident. MediSecure has also notified the Office of the Australian Information Commissioner and other key regulators.
- MediSecure understands the importance of transparency and will provide further updates via our website as soon as more information becomes available. We appreciate your patience and understanding during this time.
Established in 2009, MediSecure focuses on delivering electronic prescriptions to healthcare providers.
Forensic Investigations Into Healthcare Data Breach
The Department of Home Affairs (Australia), stated:
- A MediSecure database containing the personal and limited health information of individuals relating to prescriptions, as well as healthcare provider information has been affected by this cyber security incident.
- The affected data relates to prescriptions distributed by MediSecure’s systems up until November 2023.
- Technical and forensic investigations are ongoing. Updates will be provided as those investigations progress.
Cyberattacks Targeting Companies In Australia
In its annual cyber threat update, the Australian Signals Directorate disclosed that there were nearly 94,000 reports of cybercrime made to the police in the 2022-23 period, representing a 23 percent increase compared to the previous year. Additionally, the cyber agency identified China as a significant supporter of cyberattacks targeting critical infrastructure and companies in Australia.
In 2022, Medibank, a prominent health insurance company, experienced a significant cyber breach that impacted the personal information of 9.7 million individuals. The attack was attributed to a well-known ransomware group with ties to Russia.
To address the growing threat of cybercrime, the Australian government introduced a comprehensive seven-year cyber security strategy in late 2023. As part of this strategy, $565 million was allocated to assist businesses in reporting malicious intrusions and ransomware attacks.
Healthcare Data Is Easy To Ransom
“Hackers are attracted to healthcare data because of its ease of access via system vulnerabilities and volume,” commented Tim Royston-Webb, CEO, SentryBay. “Historically, under-investment in IT security in the medical sector combined with overstretched staff due to understaffing can lead to human error. This is compounded by remote working practices which also contributes to the risk of a data breach.”
Healthcare data is also easy to ransom because of the value patients, medical professionals and healthcare organizations place on keeping it private. SentryBay recognizes that healthcare providers face heightened cyber threats, increased regulatory scrutiny and legal claims by those whose data has been breached.
“At SentryBay, we are acutely aware of these challenges and have developed our Armored Client solution specifically to address them,” said Paul Gilbert, Senior Cybersecurity Account Executive, SentryBay. “What sets Armored Client apart is its ability to provide randomized keystrokes and protection against illegal screen capture. This ensures that sensitive healthcare data and healthcare operations remain secure, even in the face of sophisticated cyber threats.”