How to know if you are one of the 12.9 million Australians struck by MediSecure hack – and what you must do NOW

Australians who fear they have fallen victim to one of the country’s biggest cyber attacks now need to be on constant alert for potential scams. Experts reveal how to protect yourself.

MediSecure, an online prescription provider, was hacked earlier this year, with the personal details of 12.9 million Australians stolen and published on the dark web.

Names, dates of birth, addresses, phone numbers, email addresses, Medicare numbers, prescription information and the reasons for taking the medications are among the 6.5 terabytes of data stolen by the hackers.

The company announced on Thursday that nearly 13 million Australians who used its prescription delivery service between March 2019 and November 2023 were affected.

But the company said it could not determine exactly who the victims were due to the “complexity of the dataset.”

Professor Matthew Warren, director of the RMIT Centre for Cyber Security, says Australians will not know if they have been the victim of a breach until they notice a threat to their personal security.

He said this could include scammers taking out loans in their names, their credit rating being affected or scammers trying to contact them directly.

“Cybercriminals and identity thieves can abuse personal data in a number of ways,” he told Daily Mail Australia.

Nearly 13 million Australians have been affected by one of the country’s largest data breaches after hackers stole information from MediSecure’s data servers in April

‘Through direct attacks they can apply for loans or lines of credit, make purchases with credit cards, gain access to financial accounts, etc.

‘Another concern is that attacks could use information to take over online accounts/online identities.’

According to UNSW cybersecurity expert Professor Sanjay Jha, when malicious cyberattacks on companies and organisations lead to breaches, it can take time for personal information to end up in the hands of professional hackers or others seeking to monetise stolen data.

“Much of this information, once obtained through a cyberattack, is sold on the dark web and can then be purchased by hackers who build phishing sites that allow them to obtain the additional credentials they need to access bank accounts and steal money,” he said.

‘Personal data is a valuable asset. Even if credentials are not stolen, they can still be sold as marketing information.

‘But if there is a specific piece of identity, that can trigger cybercrime because it helps malicious people create your profile and perhaps use social engineering to get all the information they need to log into your banking system or compromise your medical records.

‘Just knowing your mobile phone number and whether you are a man or a woman can get criminals to work.’

However, Professor Jha said that anyone who believes their personal information may be at risk in the attack should not panic but rather be alert.

‘[The personal data stolen is] a lot of information,’ he said.

‘In the case of theft of telephone numbers and email addresses, potential victims should be concerned about phishing emails or SMS fraud.

‘Be careful and do not click on messages. If you receive a message from someone claiming to be from a service, such as AusPost, go to the authorised website.’

MediSecure was one of two electronic prescription delivery services operating in Australia until the end of 2023

According to Professor Jha, fraudsters can also use the data to steal victims’ bank accounts or accounts at other institutions, as data such as a person’s date of birth is often used as a means of verification when calling customer service.

However, he stressed that the responsibility for tracking down fraudsters also lies with banks and other organizations that handle personal data, and he expects them to tighten their security measures after the attack.

He said people concerned about possible consequences can take precautions now by reviewing their digital security.

‘Reset your passwords – if they [the website or company] offer multi-factor authentication, use it,’ he said.

‘Use strong passwords and instead of writing them down, try using a password management system.

“It can be a bit cumbersome, but it does make you safer.”

Both Professor Jha and Professor Warren urged Australians who suspect they have been victims of cybercrime to heed the advice of the Australian Government, which means reporting the incident and contacting financial institutions.

MediSecure was first notified of the breach on April 13, when suspected ransomware was discovered on a server containing sensitive personal and medical data. The attack was publicly confirmed in May.

The hack was believed to be related to a known ransomware group in Russia.

The stolen data included Medicare numbers, prescription information and the reasons for the medication use (stock image)

On Thursday, MediSecure and its directors publicly announced that the company has ceased its investigation into the cyber incident that hit the company earlier this year.

A sample of personal information has been exposed on the dark web, but the company says that due to the complexity of the data and the costs involved, it is unable to identify specific individuals who may have been affected.

The federal government was unaware of the release of the full dataset, Lt. Gen. Michelle McGuinness, National Cyber Security Coordinator, said on X, formerly Twitter.

“No one should have to search for or access stolen sensitive or personal information from the dark web,” Lt. Gen. McGuinness said Thursday.

Prime Minister Anthony Albanese said the government was working with the Australian Federal Police and the private sector to address national security and privacy concerns.

“This is a very significant cyber event,” Albanese told reporters in Cairns on Friday.

Prime Minister Anthony Albanese has urged Australians to be vigilant in the aftermath of the attack

‘It’s not the first and it won’t be the last.

“We know that there are state actors involved in cyber attacks, but we also know that there are criminal elements involved – both here and abroad.”

Australians have been urged not to respond to unsolicited messages about the data breach, as they could be scam attempts.

Malicious actors have launched cyber attacks on several Australian sectors.

Thousands of Western Sydney University staff were affected by a data breach in May, less than a year after highly sensitive Victorian government information was stolen and leaked online.

Millions more Australians have been affected by attacks on Optus, Ticketmaster and Medibank.

Mr Albanese encourages Australians to become more aware of cyber threats as they continue to grow.

MediSecure was one of two electronic prescription delivery services until the end of 2023. The Australian government awarded the service exclusively to eRx Script Exchange.

The company appointed liquidators in June and went into receivership. The company is not part of Australia’s digital health network.

The government has confirmed that the national prescription delivery service eRx is not affected by this cyber incident.

AUSTRALIAN GOVERNMENT ADVICE FOR CYBER VICTIMS

You think a scammer has targeted you, but you haven’t given him or her your details or money

  • Report the scam to the National Anti-Scam Centre – Scamwatch.
  • Report the scam account to the social media or other platform they used to contact you.
  • If it appears that a scammer is posing as an Australian company, contact the fair trade organisation in your state or territory.
  • If you opened a link on your computer or followed instructions on how to install software, you may have installed something malicious. Remove the program and run a full antivirus scan to check for anomalies.
  • If you received a message on a work laptop or phone, contact your IT department and let them know.

You have been scammed and lost money

  • Immediately report the transaction(s) to your bank or financial institution.
  • Create a report via ReportCyber.
  • Stop all communication with the perpetrator.
  • Report the scam account to the social media or other platform they used to contact you.
  • Change your passwords to protect your online accounts. Visit IDCARE for advice on securing your accounts online.

You think a scammer has stolen your personal information

  • Please contact your financial institution to secure your financial accounts.
  • Visit idcare.org for advice on securing your online accounts.
  • Contact other services that use your personal identification documents (for example ATO or Services Australia) to secure your accounts.
  • Create a report via ReportCyber.
  • Make yourself a harder target: Secure your social media and other personal accounts, such as your email.
  • Change the passwords of any other accounts that you believe the scammer has had access to, or now has access to. This may include bank, retirement, and email accounts. You should prioritize changing the passwords of any accounts that have used the same password as the compromised accounts.
  • Contact a credit reporting agency to see if any attempts have been made to open accounts in your name. For information on how to select an agency, visit IDCARE.

Source: cyber.gov.au