Major Australian prescription delivery service provider MediSecure had information from almost 12.9 million individuals compromised following a ransomware attack in April, BleepingComputer reports.
Threat actors behind the attack discovered on April 13 were able to exfiltrate 6.5 TB of data, including names, birthdates, contact details, addresses, individual healthcare identifiers, Medicare numbers, and prescription information from customers who used the service between March 2019 and November 2023, said MediSecure, which has already restored all the impacted data from a backup server. "However, MediSecure is unable to identify the specific impacted individuals despite making all reasonable efforts to do so due to the complexity of the data set," the prescription delivery service added. Such a disclosure from MediSecure was accompanied by a warning from the Australian National Cyber Security Coordination alerting impacted individuals regarding potential scams exploiting the incident. "If contacted by someone claiming to be a medical or other service provider, including financial service provider, seeking personal, payment or banking information you should hang up and call back on a phone number you have sourced independently," said the agency.
