Aussie cops probe MediSecure’s ‘large-scale ransomware data breach’ – Source: go.theregister.com

Australian prescriptions provider MediSecure is the latest healthcare org to fall victim to a ransomware attack, with crooks apparently stealing patients’ personal and health data.

“While we continue to gather more information, early indicators suggest the incident originated from one of our third-party vendors,” the e-script provider said in a statement on Thursday. 

MediSecure did not indicate how many individuals were affected by the incident, but promised to “provide further updates via our website as soon as more information becomes available.” It also said it is working with Oz’s National Cyber Security Coordinator to “manage the impacts of the incident,” and has notified regulatory agencies including the Office of the Australian Information Commissioner.

Australia’s federal police are investigating the intrusion, which the National Cyber Security Coordinator described as a “large-scale ransomware data breach incident.” 

In a separate statement on Thursday, the country’s top cybersecurity chief said the Australian government “continues to assist MediSecure,” and that it’s “still working to build a picture of the size and nature of the data that has been impacted by this data breach.”

The statement continued:

The government is also briefing health sector industry groups about the digital intrusion and response, including the Australian Medical Association, the Pharmacy Guild of Australia, and “major private hospital providers.”

The MediSecure incident is yet another indication of ransomware crews increasingly targeting the healthcare sector as these organizations are responsible for safeguarding very sensitive medical and personal information belonging to millions. 

• Australia imposes cyber sanctions on Russian it says ransomwared health insurer
• London Drugs closes all of its pharmacies following ‘cybersecurity incident’
• UnitedHealth’s ‘egregious negligence’ led to Change Healthcare ransomware infection
• Ransomware negotiator weighs in on the extortion payment debate with El Reg

Data thieves know this means the victim orgs are more likely to pay ransom demand — as we saw with the massive Change Healthcare attack in America with that company paying the criminals $22 million. Despite paying the extortion demand, more ransomware crooks reportedly started leaking sensitive data and extorting the company for even more money.  

In late 2022, Australian health insurer Medibank fell victim to a ransomware attack with data of almost 10 million customers leaked.

Stolen info included medical treatment details belonging to about half a million Medibank customers, along with names, dates of birth, addresses, phone numbers and email addresses of 9.7 million individuals.

The now-defunct REvil crime gang was blamed for this attack, and Australian authorities accused Russia of harboring the group. ®