National prescription service identified as target of massive ransomware data breach, AFP investigating

Georgina Noack and Max Corstorphan

The Nightly

2 Min Read

16 May 2024

National Cyber Security Coordinator Michelle McGuinnes has confirmed a ‘large-scale ransomware data breach’. Credit: Arda SAVASCIOGULLARI/ardasavasciogullari - stock.adobe.com

An Australian commercial health information organisation has fallen victim to a “large-scale ransomware data breach incident” with officials coordinating an urgent “whole-of-government” response.

The Nightly can confirm MediSecure, an online prescription provider is the health organisation at the centre of the breach under investigation by the Australian Federal Police.

As of Thursday afternoon MediSecure had removed its website, leaving only a statement that confirmed it had identified a “cyber security incident impacting the personal and health information of individuals”.

Get the first look at the digital newspaper, curated daily stories and breaking headlines delivered to your inbox.

By continuing you agree to our Terms and Privacy Policy.

“We have taken immediate steps to mitigate any potential impact on our systems,” the statement reads.

“While we continue to gather more information, early indicators suggest the incident originated from one of our third-party vendors.”

eScript provider MediSecure has confirmed it was the victim of a "cyber security incident". Credit: Supplied

MediSecure is a digital prescription exchange service used by health professionals to prescribe and dispense medication.

The company statement confirmed it was working with authorities to investigate the data breach.

“MediSecure takes its legal and ethical obligations seriously and appreciate this information will be of concern,” it continued.

“MediSecure is actively assisting the National Cyber Security Coordinator to manage the impacts of the incident. MediSecure has also notified the Office of the Australian Information Commissioner and other key regulators.

“MediSecure understands the importance of transparency and will provide further updates via our website as soon as more information becomes available. We appreciate your patience and understanding during this time.”

The National Cyber Safety Coordinator Michelle McGuinness announced the data breach on Thursday, a day after she says she was alerted to the incident.

In a post on X, formerly Twitter, Ms McGuinness said she and the Australian Cyber Security Centre was aware that a “commercial health information organisation” was the victim of “a large-scale ransomware data breach incident”.

She confirmed the Australian Federal police were investigating, the incident and said she was working with federal an state government agencies to “coordinate a whole-of-government response to this incident”.

She did not identify the health organisation affected by the breach at the time.

Loading Tweet

Later, Home Affairs Minister Clare O’Neil took to X to say: “I have been briefed on this incident in recent days and the government convened a National Coordination Mechanism regarding this matter today.”

“Updates will be provided in due course. Speculation at this stage risks undermining significant work underway to support the company’s response,” she said.