Hacked Aussie electronic prescription provider MediSecure collapses
Online prescription provider MediSecure has gone bankrupt just weeks after a large-scale ransomware attack.
The Melbourne-based healthcare provider confirmed last month that the massive data breach had occurred, with the personal information and some limited health information of people using the service later posted to a dark web forum.
But on Wednesday, FTI Consulting was appointed as voluntary administrators of Medisecure Limited and liquidators of its subsidiary, Operations MDS Pty Ltd.
MediSecure, in business since 2009, was a national prescription provider that enabled prescriptions to be delivered electronically from the prescriber to a pharmacy of an individual’s choice.
The hack was believed to be related to a well-known ransomware group from Russia.
Private healthcare organization MediSecure has been out of business for weeks after it was hacked in a massive ransomware attack (stock image)
Vaughan Strawbridge and Paul Harlond have been appointed as administrators and liquidators of a subsidiary known as Operations MDS Pty Ltd.
In a statement, they said MediSecure had been in contact with the federal government about the breach.
‘Our role as administrators and liquidators includes examining the affairs of the company to identify the reasons for its failure, and to explore the options that may be available to recover assets for the benefit of the creditors of the companies,” said Mr Strawbridge.
“We will be speaking to the Australian government about what they need from the company and the next steps in responding to the cyber incident.”
A first meeting of creditors will take place on June 14.
After the data breach was first discovered, MediSecure took immediate steps to limit any impact on their systems.
“MediSecure takes its legal and ethical obligations seriously and appreciates that this information will be concerning,” the company said in a May 16 statement.
The data breach is one of several large-scale hacks to hit Australian companies in recent years, including Optus and Medibank (stock image)
In a further statement on May 24, the company confirmed that a dataset containing customer personal information and limited health information had been made available on a dark web forum.
“While MediSecure is working urgently to inform affected individuals, we would like to reiterate and reassure the Australian community that this cyber security incident will not impact continued access to medication,” they said.
The eHealth company said the cyber incident was likely the result of an issue with one of its third-party vendors.
Cybersecurity coordinator Michelle McGuinness said at the time that authorities were investigating the cause of the breach.
The latest breach comes after health insurer Medibank fell victim to a major cyber hack in 2022 that affected the personal data of 9.7 million people.
The Australian Signals Directorate revealed in its annual cyber threat update that almost 94,000 cybercrime reports were made to police in 2022-2023, a 23 per cent increase on the previous year.