Malware
Massive Data Breach: Ransomware Gang Seizes Information of 12.9 Million Individuals – Protect Yourself Now
The Medisecure ransomware gang has stolen data from 129 million people, potentially jeopardizing medical records, financial data, and login credentials. Protect yourself from this threat by regularly updating software, using strong and unique passwords, and implementing multi-factor authentication. Stay vigilant and informed on the latest cybersecurity news and trends.
Picture this: you’re an Australian citizen who relies on MediSecure, a prescription delivery service provider, to get your essential medications. Then, one day, you learn that the personal and health information of about 12.9 million people, including yours, was stolen in an April ransomware attack. Sounds like a nightmare, right? Well, that’s precisely what happened.
The Attack on MediSecure
In April, MediSecure was hit by a severe ransomware attack, forcing the company to shut down its website and phone lines. They disclosed the incident as a “cyber security incident” on May 16. The Australian National Cyber Security Coordinator (NCSC), who was assisting MediSecure in mitigating the breach, described it as a “large-scale ransomware data breach.”
While investigating the attack, MediSecure found that the threat actors had stolen a whopping 6.5TB of data. Thankfully, the company managed to restore the information from a server backup. But the damage was already done. Approximately 12.9 million Australians who used the MediSecure prescription delivery service between March 2019 and November 2023 were affected by the breach.
What Information Was Stolen?
The personal and health information stolen in the breach included names, dates of birth, addresses, phone numbers, email addresses, individual healthcare identifiers (IHIs), Medicare card numbers, prescription medications (names, strengths, and quantities), reasons for prescriptions, and instructions. It also included details from Pensioner Concession, Commonwealth Seniors, Healthcare Concession, and Department of Veterans’ Affairs (DVA) cards.
It’s a treasure trove of data for cybercriminals, who can use this information to launch targeted scams, identity theft, and other malicious activities.
What Should You Do if You’re Affected?
The Australian National Cyber Security Coordinator warned people to be on the lookout for scams referencing the MediSecure data breach and not to respond to unsolicited contact that mentions it. If you’re contacted by someone claiming to be a medical or financial service provider, seeking personal or banking information, hang up and call back on a phone number you’ve sourced independently.
Don’t Let This Happen to Your Business
As an IT services provider, we know how damaging a data breach can be, not just for the individuals affected but also for the reputation of the company involved. In this digital age, businesses need to prioritize cybersecurity to protect their customers, their data, and their livelihood.
Don’t wait for an attack to happen. Instead, be proactive and take steps to secure your business. Reach out to us, and let’s discuss how we can help you strengthen your cybersecurity posture and stay ahead of cyber threats.