A ransomware attack on a digital prescription company raised concerns about the security of sensitive customer health information.
Uncertainty surrounds the extent of personal health data theft following a cyber breach that targeted electronic prescriptions provider MediSecure, according to federal authorities.
The Australian cyber security coordinator has stated that there is no indication of an escalated cyber threat to the medical sector, despite a recent ransomware attack on a healthcare business being described as an “isolated” incident.
“We are still working to build a picture of the size and nature of the data that has been impacted by this data breach impacting MediSecure,” Lieutenant General Michelle McGuinness said.
“This discovery work often takes time and I understand Australians are anxious about the possibility of their personal information being affected.”
Cybercriminals have reportedly compromised MediSecure’s digital systems and are now requesting payment in exchange for the stolen data. The eHealth company, which facilitates e-script dispensing to healthcare professionals, stated that the incident is believed to have originated from a problem with one of its third-party vendors.
Typically, businesses of different sizes face varying costs due to cybercrime, with small businesses averaging around $46,000 per year and larger businesses facing an average of $72,000 per year. Authorities are closely examining the possibility of compromised identity documents in the breach, according to General McGuinness.