MediSecure, a provider of electronic prescriptions in Australia, was hacked. The information of about 12.9 million patients was stolen and posted to the dark web.
The company first learned about the breach on April 13. It was confirmed in May. The attack was carried out by a third-party actor who was able to access the servers of the company.
On Thursday, MediSecure revealed that the data of about 12.9 million of its customers was stolen by a malicious actor.
The attacker was able to access the company’s servers between March 2019 and November 2023.
The data included names, phone numbers, addresses, and Medicare numbers of patients.
MediSecure is currently reviewing the data set that was exposed on the dark web to determine the affected individuals and notify them.
The federal government, on the other hand, was not aware of the full set’s publication.
Lt. McGinness urged people to avoid accessing and searching for sensitive information on the dark web, which he said feeds cyber criminals’ business model.
He noted that Australians would be alarmed by the massive amount of data that was stolen.
Regardless of whether or not they were affected by the incident, he urged people to be aware of the scam artists operating on the dark web.
MediSecure was one of the two e-prescription services that the Australian government contracted with in late 2023.
It was eventually given to another company called eRx Script Exchange.
In June, the company went into administration and is not a part of the country’s digital health network.
The government noted that eRx, the national e-prescription service, was not affected by the cyber incident.
It said that consumers would still be able to access their medicines safely.