Key questions after e-script hack
Federal authorities say it is still unclear if and how many Australians have had their personal health data stolen after electronic prescriptions provider MediSecure was targeted in a large-scale cyber breach.
Australia’s cyber security co-ordinator said there was no evidence to suggest there was an increased cyber threat to the medical sector after the healthcare business fell victim to an “isolated” ransomware attack earlier this week.
“We are still working to build a picture of the size and nature of the data that has been impacted by this data breach impacting MediSecure,” Lieutenant General Michelle McGuinness said.
“This discovery work often takes time and I understand Australians are anxious about the possibility of their personal information being affected.”
It’s understood that cyber criminals have accessed data being kept on MediSecure’s digital systems and demanded payment in exchange for stolen information.
The eHealth business, which facilitates e-script dispensing to health professionals, said the incident likely originated from an issue with one of its third-party vendors.
On average, cybercrime costs businesses between $46,000 for small businesses and $72,000 for larger businesses per year.
General McGuinness said authorities were looking closely at whether identity documents had been compromised in the breach.
Cyber officials held briefings with key industry health organisations early on Friday amid increased concerns for the security of health professionals and patients’ private data
After calling for “clear and consistent” communication about the breach, Australian Medical Association president Steve Robson welcomed the formation of a national stakeholder group to support the government’s response to the incident.
“The most important message today is that patients should not hesitate to get their medications dispensed as the current prescription delivery service is not affected by the breach,” Professor Robson said.