How to know if you are one of the 12.9million Australians struck by MediSecure hack – and what you must do NOW
Australians who fear they have fallen victim to one of the country’s biggest cyber attacks now need to be on constant alert for potential scams. Experts reveal how to protect yourself.
MediSecure, an online prescription provider, was hacked earlier this year, with the personal details of 12.9 million Australians stolen and published on the dark web.
Names, dates of birth, addresses, phone numbers, email addresses, Medicare numbers, prescription information and the reasons for taking the medications are among the 6.5 terabytes of data stolen by the hackers.
The company announced on Thursday that nearly 13 million Australians who used its prescription delivery service between March 2019 and November 2023 were affected.
But they said they could not determine exactly who the victim was due to the “complexity of the dataset.”
Professor Matthew Warren, director of the RMIT Centre for Cyber Security, says Australians will not know if they have been the victim of a breach until they notice a threat to their personal security.
He said this could include scammers taking out loans in their names, their credit rating being affected or scammers trying to contact them directly.
“Cybercriminals and identity thieves can abuse personal data in a number of ways,” he told Daily Mail Australia.
Nearly 13 million Australians have been affected by one of the country’s largest data breaches after hackers stole information from MediSecure’s data servers in April
‘Through direct attacks they can apply for loans or lines of credit, make purchases with credit cards, gain access to financial accounts, etc.
‘Another concern is that attacks could use information to take over online accounts/online identities.’
According to UNSW cybersecurity expert Professor Sanjay Jha, when malicious cyberattacks on companies and organisations lead to breaches, it can take time for personal information to end up in the hands of professional hackers or others seeking to monetise stolen data.
“Much of this information, once obtained through a cyberattack, is sold on the dark web and can then be purchased by hackers who build phishing sites that allow them to obtain the additional credentials they need to access bank accounts and steal money,” he said.
‘Personal data is a valuable asset. Even if credentials are not stolen, they can still be sold as marketing information.
‘But if there is a specific piece of identity, that can trigger cybercrime because it helps malicious people create your profile and perhaps use social engineering to get all the information they need to log into your banking system or compromise your medical records.
‘Just knowing your mobile phone number and whether you are a man or a woman can get criminals to work.’
However, Professor Jha said that anyone who believes their personal information may be at risk in the attack should not panic but rather be alert.
‘[The personal data stolen is] “a lot of information,” he said.
‘In the case of theft of telephone numbers and email addresses, potential victims should be concerned about phishing emails or SMS fraud.
‘Be careful and do not click on messages. If you receive a message from someone claiming to be from a service, such as AusPost, go to the authorised website.’
MediSecure was one of two electronic prescription delivery services operating in Australia until the end of 2023
According to Professor Jha, fraudsters can also use the data to steal victims’ bank accounts or accounts at other institutions, as data such as a person’s date of birth is often used as a means of verification when calling customer service.
However, he stressed that the responsibility for tracking down fraudsters also lies with banks and other organizations that handle personal data, and he expects them to tighten their security measures after the attack.
He said people concerned about possible consequences can take precautions now by reviewing their digital security.
‘Reset your passwords – if they [the website or company] “If you offer multi-factor authentication, use it,” he said.
‘Use strong passwords and instead of writing them down, try using a password management system.
“It can be a bit cumbersome, but it does make you safer.”
Both Professor Jha and Professor Warren urged Australians who suspect they have been victims of cybercrime to heed the advice of the Australian Governmentwhich means you must report the incident and contact financial institutions.
MediSecure was first notified of the breach on April 13, when suspected ransomware was discovered on a server containing sensitive personal and medical data. The attack was publicly confirmed in May.
The hack was believed to be related to a known ransomware group in Russia.
The stolen data included Medicare numbers, prescription information and the reasons for the medication use (stock image)
On Thursday, MediSecure and its directors publicly announced that the company has ceased its investigation into the cyber incident that hit the company earlier this year.
A sample of personal information has been exposed on the dark web, but the company says that due to the complexity of the data and the costs involved, it is unable to identify specific individuals who may have been affected.
The federal government was unaware of the release of the full dataset, Lt. Gen. Michelle McGuinness, National Cyber Security Coordinator, said on X, formerly Twitter.
“No one should have to search for or access stolen sensitive or personal information from the dark web,” Lt. Gen. McGuinness said Thursday.
Prime Minister Anthony Albanese said the government was working with the Australian Federal Police and the private sector to address national security and privacy concerns.
“This is a very significant cyber event,” Albanese told reporters in Cairns on Friday.
Prime Minister Anthony Albanese has urged Australians to be vigilant in the aftermath of the attack
‘It’s not the first and it won’t be the last.
“We know that there are state actors involved in cyber attacks, but we also know that there are criminal elements involved – both here and abroad.”
Australians have been urged not to respond to unsolicited messages about the data breach, as they could be scam attempts.
Malicious actors have launched cyber attacks on several Australian sectors.
Thousands of Western Sydney University staff were affected by a data breach in May, less than a year after highly sensitive Victorian government information was stolen and leaked online.
Millions more Australians have been affected by attacks on Optus, Ticketmaster and Medibank.
Mr Albanese encourages Australians to become more aware of cyber threats as they continue to grow.
MediSecure was one of two electronic prescription delivery services until the end of 2023. The Australian government awarded the service exclusively to eRx Script Exchange.
The company appointed liquidators in June and went into receivership. The company is not part of Australia’s digital health network.
The government has confirmed that the national prescription delivery service eRx is not affected by this cyber incident.