Exclusive
scalehealthtech Realize your Healthcare’s Digital Transformation journey with ScaleHealthTech Learn More

Australian E-prescription Provider MediSecure Hit by Data Breach

Written by : Arti Ghargi

May 22, 2024

Category Img

Image Source: Freepik

On May 16th MediSecure said that early indicators suggest the data breach incident originated from one of its third-party vendors.


Australian electronic prescription firm MediSecure on Saturday confirmed that a cybersecurity incident has compromised the personal information of thousands of patients.

In a statement released on its website, the firm said that the data breach impacted personal health information and limited health information relating to prescriptions.

“Additionally, the personal information of healthcare providers may also be compromised,” MediSecure said.

As of now the website of MediSecure has been taken down and only displays the statement confirming the cybersecurity breach.

According to Australian Broadcaster ABC, the firm is facing a large-scale ransomware attack. However, MediSecure has not yet divulged the nature of the attack.

It has also not revealed whether it has received any ransom demand.

MediSecure was one of two national providers in Australia for electronic prescriptions until late 2023.

After November 2023, the Australian government transitioned to eRx Script Exchange as its sole service provider.

The company said the data related to prescriptions processed by MediSecure before November 2023 during its tender period is potentially affected.

MediSecure said that it has taken immediate steps to mitigate any potential impact on our systems.

Data Breach Originated from Third-Party Vendors

On May 16th MediSecure said that early indicators suggest the data breach incident originated from one of its third-party vendors.

The company said it had also notified the National Cyber Security Coordinator, the Office of the Australian Information Commissioner, and other key regulators to manage the impacts of the incident.

The company further said that the incident does not have any impact on the current working of the department.

“MediSecure is not a current participant in Australia’s digital health network. As such, this cyber security incident does not impact the prescribing and dispensing of medication,” it said.

Government Response & Ongoing Investigations

The Department of Home Affairs and other government agencies are collaborating on a response to the breach.

Department officials confirmed that the current national prescription service, eRx Script Exchange, remains secure and unaffected.

“Consumers can continue to access medications safely, and healthcare providers can still prescribe and dispense as usual. Technical and forensic investigations are ongoing, and updates will be provided as those investigations progress,” the department reassured.

Limited Impact on Specific Services

Importantly, the department clarifies that there is “no evidence to suggest there is an increased cyber threat to the medical sector.”

Furthermore, Services Australia is investigating potential impacts on “identity security associated with breached card numbers.”

However, they stressed that individuals do not need to take any action regarding their Medicare or other concession cards.

While the national electronic prescription service has transitioned to a new provider, MediSecure’s data breach affects personal information collected during its previous operation.

The Australian National Cyber Security Coordinator is working with relevant authorities to determine the exact scope of the breach and if any identity documents were compromised.

While the initial announcement of the breach occurred on May 16th, a statement from MediSecure suggests the attack might have begun over six months prior.

Recent Healthcare Cybersecurity Breaches

2024 has seen a manifold rise in healthcare data breaches. Earlier this month, Ascension, a prominent health system operating 140 hospitals across 19 states and Washington, DC, was hit by a major cybersecurity breach.

The health system said that it detected an unusual activity within its network systems following which its clinical operations were disrupted.

In April, American healthcare giant UnitedHealthcare became a victim of a massive ransomware attack compromising the data of millions of patients including their medical, personal, and payment data. The company faced a loss of a staggering $872 million.

Per the American Hospital Association, 94% of American hospitals experienced disruptions in cash flow, and over half of them reported substantial financial damage as a result of Change’s failure to handle claims.


ABOUT US

Digital Health News ( DHN) is India’s first dedicated digital health news platform launched by Industry recognized HealthTech Leaders. DHN Is Industry’s Leading Source Of HealthTech Business, Insights, Trends And Policy News.

DHN Provides In-Depth Data Analysis And Covers Most Impactful News As They Happen Across Entire Ecosystem Including Emerging Technology Trends And Innovations, Digital Health Startups, Hospitals, Health Insurance, Govt. Agencies & Policies, Pharmaceuticals And Biotech.

CONTACT US

© Digital Health News 2024