Security agencies on case after e-prescription cyber breach
Electronic prescriptions provider MediSecure is receiving federal government help after a data breach.
National cybersecurity co-ordinator Michelle McGuinness says authorities are “working to build a picture” of the incident’s scale but notes “no evidence to suggest an increased cyber threat to the medical sector”.
“From the information that is currently available to the government, no current e-prescriptions have been impacted or accessed,” Ms McGuinness said. “We are looking closely at any evidence about whether identity documents have been compromised in the breach, and are working with MediSecure, Services Australia, and state and territory credential-issuing bodies to build a full picture of the impacted data set.”
Ms McGuinness says, based on current information, affected customers will not be required to replace their Medicare cards.
She says national security agencies will work with other government stakeholders through the National Emergency Management Agency’s National Co-ordination Mechanism to respond to the event.
MediSecure, which is not currently a participant in Australia’s digital health network, says the incident relates to data held in its system until November last year. It says the breach probably came via a third-party vendor.
“We can confirm the cybersecurity incident impacts personal information and limited health information relating to prescriptions,” MediSecure said.
“Additionally, this cybersecurity incident also impacts the personal information of healthcare providers. MediSecure understands this will be concerning to our customers, and we are working very hard to communicate with impacted individuals as soon as possible.”