The recent MediSecure data breach is another example of the importance of reliable and secure cybersecurity and IT support systems. This latest data breach is adding to the already long list of cyberattacks impacting businesses and their customers in 2024.
The Qantas data breach in May, Clubs NSW data breach in May, and Telstra Opticomm data breach in April, are all examples of how prevalent cyberattacks are becoming even for major organisations. We are halfway through 2024, and there has been over 75 reported major data breach incidents in Australia alone.
As the ASD Cyber Threat Report from 2022-2023 has suggested, not only are the number of cybercrime reports up 23%, but the average cost of cybercrime per report has also increased by 14%. These numbers are yet another example of just how impactful a cyberattack can be on Australian businesses.
The MediSecure data breach is not just a reminder of how common cyberattacks are for businesses currently, but also just how severe the overall impacts can be.
Let’s take a look into what occurred during the MediSecure data breach, and the impacts that are now being felt by the business.
MediSecure Data Breach: What Happened?
On the 16th of May 2024, a statement was released from MediSecure stating that they had “identified a cyber security incident impacting the personal and health information of individuals.” Also mentioning that they had “taken immediate steps to mitigate any potential impact on our systems”.
Following this, on 18th of May 2024, MediSecure stated that they were continuing to “work closely with the National Cyber Security Coordinator and relevant Government departments, agencies and regulators in relation to this cyber security incident”.
Furthermore, noting that “the cyber security incident impacts personal information and limited health information relating to prescriptions. Additionally, this cyber security incident also impacts the personal information of healthcare providers”.
Then, on the 24th of May 2024, a further update was released, saying “MediSecure is aware that a data set containing the personal information and limited health information of our customers has been made available on a dark web forum”.
This update from the MediSecure data breach is most concerning, as it opens up the affected customers to numerous potential dangers. This can include increased chances of identity theft and fraud, as well as an increased likelihood of phishing attacks to occur.
The latest update on the MediSecure data breach came a week later, on the 31st of May 2024, “MediSecure has been in the process of reviewing the data set exposed on a dark web forum to identify impacted individuals”. This date set is said to have contained 6.5 terabytes of prescription data.
As well as this, they referenced media reports published, in regard to their attempts to receive funding from the Commonwealth Government. Stating “MediSecure wishes to clarify that it sought funding from the Commonwealth Government for the limited and confined purpose of assisting with the costs associated with responding to the incident, and the request was not for funding MediSecure’s operational costs unrelated to the cyber-attack. In any event, that request was denied”.
MediSecure Data Breach: What Comes Next?
Unfortunately for MediSecure and their staff, the outcome of the data breach has been catastrophic. The national e-script provider has now, a mere three weeks after first revealing the breach, entered administration as a result of the cyberattack.
Recently, administrators from FTI Consulting, Vaughan Strawbridge and Paul Harlond, were assigned to lead the proceedings and recognised the “significant concern” from the cyberattack.
Due to the MediSecure data breach, operations have now ceased completely, with their website – www.medisecure.com.au – solely displaying its public statement on the cyberattack.
The hacking group ShinyHunters, the same who were behind the Ticketmaster and Live Nation hack, have since claimed responsibility for the MediSecure data breach. It is alleged that the hacking group listed several files of confidential and sensitive information online, on a popular hacking forum, for $500,000 (USD).
MediSecure also stated they would “continue to work closely with the National Cyber Security Coordinator, the AFP, the Australian Signals Directorate and the Office of the Australian Information Commissioner”.
Whilst a resolution is certainly far from close for MediSecure themselves, it is yet another harsh reminder of just how impactful a data breach or hacking efforts can be on a business.
MediSecure Data Breach: What did we Learn?
As the dust settles on, unfortunately, yet another high-profile cyberattack being reported in the news, the question must again be asked. What did we learn?
The MediSecure data breach has, yet again, provided a valuable lesson in regard to implementing cybersecurity, and its importance. IT support is not quite as simple as having someone to call when your computer stops working. The complexity of cyberattacks and hackers nowadays cannot be understated, with disastrous results an ever-increasing occurrence.
We have also learned that the act of a cyberattack can be somewhat final for impacted businesses. The MediSecure data breach has shown us that, often, there is simply no real coming back from an effective cyberattack. MediSecure going into administration as a result of the data breach is a clear example of this.
Another thing learned from the MediSecure data breach is actually a positive, and one that perhaps other businesses may learn from. The immediate response from MediSecure has been praised, with their openness and transparency crucial in allowing customers to know exactly what is happening with their potentially affected data.
Finally, we have learned that cybercriminals and hackers are, put simply, relentless. Nowadays more than ever, the impacts felt from hackers and their actions are more severe than previously thought. Entire businesses can now be completely crippled and taken down, ceasing to function, and individuals who were under the belief that their data was safe, are proven wrong and face exploitation.
July 2024 Update on MediSecure Data Breach
The administrators of MediSecure, FTI Consulting, have confirmed that 12.9 million Australians have been impacted by the data breach in May. It was found that more than 6.5 terabytes of Australian prescription information were posted for sale on a hacking forum that is popular in the cybercriminal space.
During the investigation, however, it was unable to be determined the identity of the impacted individuals within that 12.9 million. A statement from FTI Consulting provided the following information:
“The impacted server analysed by an external adviser consisted of an extremely large volume of semi-structured and unstructured data stored across a variety of data sets,”.
“This made it not practicable to specifically identify all individuals and their information impacted by the incident without incurring substantial cost that MediSecure was not in a financial position to meet”.
“FTI Consulting will continue to work with MediSecure’s advisers and liaise with the Australian government in respect to the incident”.
The investigation uncovered further details from the hack itself, however there is still a significant amount of uncertainty. It was on the 13th of April, 2024, when MediSecure first discovered the cyberattack, and immediately began an investigation after fortifying their IT systems. It was then seen on the 24th of May that the data was posted for sale on a Russian hacking forum for USD $50,000. Now, the National Cyber Security Coordinator has responded to the latest updates with a final warning:
“At this time, the Australian government is not aware of publication of the full data set. No one should go looking for or access stolen sensitive or personal information from the dark web. This activity only feeds the business model of cyber criminals and can be a criminal offence”.
“I understand many Australians will be concerned about the scale of this breach. I encourage everyone, whether impacted in this incident or not, to be alert to being targeted in scams”.
It is yet another reminder of the importance of cybersecurity within businesses today, whether small, medium, or large. Ensuring your IT infrastructure is safe, secure, and contains robust security standards is incredibly important to prevent a similar incident from occurring.
Contact Adept IT Solutions Today
Adept IT Solutions, a leading provider of reliable IT support in Newcastle, Central Coast, Lake Macquarie and Sydney, is able to support your business with all your IT service needs.
Through our extensive list of IT services, we can provide your business with the professional IT support you deserve. To get in touch, contact us at 1300 423 378 (ADEPT) or email us at info@adept-it.com.au.