MediSecure, a prescription provider, was hacked in a major data breach. What happened?

A significant ransomware data breach has impacted Australian prescription company MediSecure. An immediate government investigation is underway, and the company has taken steps to mitigate any potential impact.

Federal police are investigating a large-scale hack at electronic prescriptions provider MediSecure after the company confirmed a cybersecurity breach involving individuals’ personal and health information.

Borderless CS

MediSecure | Media/ Public Statement

Cyber security incident/data breach

MediSecure has identified a cyber security incident impacting the personal and health information of individuals. We have taken immediate steps to mitigate any potential impact on our systems.

While we continue to gather more information, early indicators suggest the incident originated from one of our third-party vendors.

MediSecure takes its legal and ethical obligations seriously and appreciate this information will be of concern. MediSecure is actively assisting the the National Cyber Security Coordinator to manage the impacts of the incident. MediSecure has also notified the Office of the Australian Information Commissioner and other key regulators.

MediSecure understands the importance of transparency and will provide further updates via our website as soon as more information becomes available. We appreciate your patience and understanding during this time.

16 May 2024

source : https://www.medisecure.com.au/

Home Affairs Minister Clare O’Neil announced that the government had set up a National Coordination Mechanism on the issue and promised to provide updates in “due course.”

MediSecure reported a cyber security incident affecting individuals’ personal and health information.

Lieutenant General Michelle McGuinness, the national cyber security coordinator, stated that she is collaborating with agencies across the Australian government, states, and territories to coordinate a “whole-of-government response” to the incident being investigated by the Australian Federal Police.

 

Our recommendations:

Implement Strong Cybersecurity Measures: Strengthen security controls, such as zero-trust, Just-in-time privileged access, intrusion detection systems, Next-gen firewall, SIEM Monitoring, and Multi-Factor Authentication (MFA), to prevent unauthorised access to sensitive data.

Conduct regular security audits to identify vulnerabilities and implement necessary remediation measures.

Implement the Identity and Access Management (IDAM) system in place.

Implement a strong patch management system for servers, databases and applications.

Train employees in cybersecurity best practices and educate customers about data breach risks.

SOC Monitoring services will help to detect threats in real-time, manage incident response, perform forensic investigations on past incidents, and prepare audits for compliance purposes.

About Author: Borderless CS

[email protected]

Top cybersecurity companies in Australia

Leave a Comment