Australian patients’ health and personal information has reportedly been published online by following the ransomware attack on medical prescriptions provider MediSecure.
The Melbourne-based company confirmed on May 24 that a data set containing the personal information and limited health data of its customers has been posted onto a dark web forum by a cybercriminal group.
MediSecure is now urgently working towards notifying impacted individuals.
In a statement on X (formerly Twitter), Australia’s National Cybersecurity Coordinator, Lieutenant General Michelle McGuinness, said the government is aware of a dataset purporting to be from the MediSecure breach, along with a sample of the data.
She said the government is working with MediSecure to verify that the data has been published online, which is currently believed to be affecting “a relatively small group.”
McGuiness warned Australians not to go searching for this data, as accessing sensitive or personal information on the dark web promotes the business model of cybercriminals.
“While this is an unwelcome development, I want to again assure Australians that if individuals are at risk of serious harm through the publication of their information, then we will work with MediSecure to make sure that individuals are appropriately informed, so they may take steps to protect themselves from any further risk to their personal information,” McGuiness wrote.
MediSecure revealed earlier in May that its systems had been compromised as a result of an attack on a third-party supplier. The firm admitted that the incident had impacted the personal and health information of customers.
In an incident update by MediSecure on May 18, the firm confirmed the attack relates to data held by MediSecure’s systems up until November 2023.
This impacts personal information and limited health information relating to prescriptions, in addition to the personal information of healthcare providers.
MediSecure confirmed that the incident is not affecting any ongoing access to medication.
MediSecure Data for Sale for $50,000
Hacktivist tracker and intelligence group CyberKnow posted a screenshot of the data leak on X, which purports to show a sample of the stolen information, and the author offering over 6.5TB of data for sale for $50,000.
It looks like someone is claiming to have the Medisecure data and is trying to sell over 6.5tb of data for $50,000.
— CyberKnow (@Cyberknow20) May 23, 2024
It's unconfirmed at this stage if this is the actual data leak. Considering it was reporting as a likely ransomware incident and now this sale is being offered… pic.twitter.com/rvj2yTAcPi
CyberKnow added that it was interesting the sale is being offered via a forum rather than a ransomware leak site, given the incident has been reported as a likely ransomware incident.