MediSecure not secure - massive hack.
Forum rules
It's such a fine line between stupid and clever. Random guest posting.
It's such a fine line between stupid and clever. Random guest posting.
- Bobby
- Posts: 18214
- Joined: Thu Feb 23, 2017 8:09 pm
MediSecure not secure - massive hack.
https://www.abc.net.au/news/2024-05-16/ ... /103856582
16th May 2024 updated 26m ago
The ABC can confirm e-script provider MediSecure is the health organisation
at the centre of the large-scale ransomware data breach
announced by the National Cyber Security Coordinator on Thursday.
MediSecure's website has been pulled, and the company has posted a statement saying it has identified a cyber security incident impacting "the personal and health information of individuals".
The company is a prescription exchange service, which facilitates electronic prescribing and dispensing of prescriptions.
It says it has "taken immediate steps to mitigate any potential impact on our systems", and believes the incident originated from a third-party vendor.
"MediSecure takes its legal and ethical obligations seriously and appreciates this information will be of concern.
"MediSecure is actively assisting the Australian Digital Health Agency and the National Cyber Security Coordinator to manage the impacts of the incident."
Earlier, the National Cyber Security Coordinator Michelle McGuiness was unable to share what company had been affected.
"I am working with agencies across the Australian government, states and territories to coordinate a whole-of-government response to this incident," Lieutenant-General McGuinness said in a statement on social media platform X.
"We are in the very preliminary stages of our response and there is limited detail to share at this stage, but I will continue to provide updates as we progress while working closely with the affected commercial organisation to address the impacts caused by the incident."
The organisation is also working with the Australian Federal Police.
Cyber Security Minister Care O'Neil says she was briefed on the breach, and the government had convened a National Coordination Mechanism.
"Updates will be provided in due course," she said on social media platform X.
"Speculation at this stage risks undermining significant work underway to support the company's response."
In October 2022, Medibank revealed hackers accessed the personal data of all customers across its Medibank, ahm and OSHC brands, affecting millions of Australians.
Back to top
16th May 2024 updated 26m ago
The ABC can confirm e-script provider MediSecure is the health organisation
at the centre of the large-scale ransomware data breach
announced by the National Cyber Security Coordinator on Thursday.
MediSecure's website has been pulled, and the company has posted a statement saying it has identified a cyber security incident impacting "the personal and health information of individuals".
The company is a prescription exchange service, which facilitates electronic prescribing and dispensing of prescriptions.
It says it has "taken immediate steps to mitigate any potential impact on our systems", and believes the incident originated from a third-party vendor.
"MediSecure takes its legal and ethical obligations seriously and appreciates this information will be of concern.
"MediSecure is actively assisting the Australian Digital Health Agency and the National Cyber Security Coordinator to manage the impacts of the incident."
Earlier, the National Cyber Security Coordinator Michelle McGuiness was unable to share what company had been affected.
"I am working with agencies across the Australian government, states and territories to coordinate a whole-of-government response to this incident," Lieutenant-General McGuinness said in a statement on social media platform X.
"We are in the very preliminary stages of our response and there is limited detail to share at this stage, but I will continue to provide updates as we progress while working closely with the affected commercial organisation to address the impacts caused by the incident."
The organisation is also working with the Australian Federal Police.
Cyber Security Minister Care O'Neil says she was briefed on the breach, and the government had convened a National Coordination Mechanism.
"Updates will be provided in due course," she said on social media platform X.
"Speculation at this stage risks undermining significant work underway to support the company's response."
In October 2022, Medibank revealed hackers accessed the personal data of all customers across its Medibank, ahm and OSHC brands, affecting millions of Australians.
Back to top
- Bobby
- Posts: 18214
- Joined: Thu Feb 23, 2017 8:09 pm
Re: MediSecure not secure - massive hack.
But the new Digital ID system will be unhackable? - yeah right.
https://www.afr.com/technology/electron ... 516-p5je6m
Australia has been roiled by several major hacks in recent years, including on
Optus, Medibank, Latitude Financial, law firm HWL Ebsworth and stevedore DP World.
Electronic prescriptions company hacked in major ransomware breach
The Australian cyber security co-ordinator has confirmed it is managing the fallout from a serious hack and extortion attempt on a healthcare information company.
The Australian Financial Review can reveal the company that has had data stolen is MediSecure, an electronic prescriptions provider. Its software lets people get their scripts from their doctor digitally, raising the spectre of personal medication information being leaked online.
On Thursday, the company’s website was down and its phone lines were out of operation. In a statement posted to its otherwise empty website, the company said it had taken steps to limit the damage of the hack and was working with authorities.
https://www.afr.com/technology/electron ... 516-p5je6m
Australia has been roiled by several major hacks in recent years, including on
Optus, Medibank, Latitude Financial, law firm HWL Ebsworth and stevedore DP World.
Electronic prescriptions company hacked in major ransomware breach
The Australian cyber security co-ordinator has confirmed it is managing the fallout from a serious hack and extortion attempt on a healthcare information company.
The Australian Financial Review can reveal the company that has had data stolen is MediSecure, an electronic prescriptions provider. Its software lets people get their scripts from their doctor digitally, raising the spectre of personal medication information being leaked online.
On Thursday, the company’s website was down and its phone lines were out of operation. In a statement posted to its otherwise empty website, the company said it had taken steps to limit the damage of the hack and was working with authorities.
- Black Orchid
- Posts: 25683
- Joined: Sun Sep 25, 2011 1:10 am
Re: MediSecure not secure - massive hack.
I use cash wherever I can and will continue to do so. Albo is going to ban ChemistWarehouse from applying their $1 discounts to prescriptions even though they are legally allowed to do so.
- Bobby
- Posts: 18214
- Joined: Thu Feb 23, 2017 8:09 pm
Re: MediSecure not secure - massive hack.
Really?Black Orchid wrote: ↑Thu May 16, 2024 6:17 pmI use cash wherever I can and will continue to do so. Albo is going to ban ChemistWarehouse from applying their $1 discounts to prescriptions even though they are legally allowed to do so.
- Bobby
- Posts: 18214
- Joined: Thu Feb 23, 2017 8:09 pm
Re: MediSecure not secure - massive hack.
The penalties are not sufficient to increase security in companies
that guard our highly personal data.
Was anyone compensated for having their personal data available
to criminals on the dark web?
Optus never compensated me.
that guard our highly personal data.
Was anyone compensated for having their personal data available
to criminals on the dark web?
Optus never compensated me.
- Bobby
- Posts: 18214
- Joined: Thu Feb 23, 2017 8:09 pm
Re: MediSecure not secure - massive hack.
Cyber crime costing the Australian economy $30 billion a year.
The war against data hackers is ramping up. In the wake of the Optus and Medibank scandals – Canberra is looking at ways to defend our cyber borders by throwing up new internet blocks and making it illegal to pay data ransoms.
The war against data hackers is ramping up. In the wake of the Optus and Medibank scandals – Canberra is looking at ways to defend our cyber borders by throwing up new internet blocks and making it illegal to pay data ransoms.
- Bobby
- Posts: 18214
- Joined: Thu Feb 23, 2017 8:09 pm
Re: MediSecure not secure - massive hack.
What worries me is that there is no path for compensation if your ID is hacked.
It's the same with Optus where 10 million records were stolen including mine -
all out there on the dark web.
What compensation did we receive? - nothing zero.
It's the same with Optus where 10 million records were stolen including mine -
all out there on the dark web.
What compensation did we receive? - nothing zero.
- Bobby
- Posts: 18214
- Joined: Thu Feb 23, 2017 8:09 pm
Re: MediSecure not secure - massive hack.
Back to Optus:
https://www.cyberdaily.au/security/1062 ... ort-secret
Optus loses appeal to keep Deloitte cyber attack report secret
The Federal Court has dismissed Optus’ appeal to hold back a Deloitte report into its 2022 cyber attack from class action lawyers.
user icon David Hollingworth • Mon, 27 May 2024
The Australian Federal Court has ruled that Optus will not be able to keep a report it commissioned from professional services firm Deloitte regarding its 2022 cyber attack out of the hands of lawyers representing a class action against the telco.
Optus had claimed that the report and its contents were protected under legal professional privilege and that it was primarily commissioned to provide legal advice. However, Federal Court judge Justice Jonathan Beach ruled against this claim in November, saying there were “problematic aspects” to the company’s claim.
Justice Beach determined that since the report had been mentioned in an Optus press release, and then Optus CEO had said the report would “help inform the response to the incident”, its “dominant purpose was not a legally privileged purpose”.
“This is hardly the stuff of a report being prepared or used predominantly for legal advice or a litigation purpose,” said at the time.
The report must now be shared with law firm Slater & Gordon, which is pursuing the class action on behalf of Optus customers impacted by the data breach. It is expected that while the report is not being released to the public, portions of it will likely become public as the class action proceeds.
Ben Hardwick, class actions practice group leader at Slater & Gordon, is pleased by the Federal Court’s decision.
“Despite refusing to accept the umpire’s decision, Optus must now hand over the Deloitte report into how millions of its customers’ private information was accessed as a consequence of the 2022 data breach,”
https://www.cyberdaily.au/security/1062 ... ort-secret
Optus loses appeal to keep Deloitte cyber attack report secret
The Federal Court has dismissed Optus’ appeal to hold back a Deloitte report into its 2022 cyber attack from class action lawyers.
user icon David Hollingworth • Mon, 27 May 2024
The Australian Federal Court has ruled that Optus will not be able to keep a report it commissioned from professional services firm Deloitte regarding its 2022 cyber attack out of the hands of lawyers representing a class action against the telco.
Optus had claimed that the report and its contents were protected under legal professional privilege and that it was primarily commissioned to provide legal advice. However, Federal Court judge Justice Jonathan Beach ruled against this claim in November, saying there were “problematic aspects” to the company’s claim.
Justice Beach determined that since the report had been mentioned in an Optus press release, and then Optus CEO had said the report would “help inform the response to the incident”, its “dominant purpose was not a legally privileged purpose”.
“This is hardly the stuff of a report being prepared or used predominantly for legal advice or a litigation purpose,” said at the time.
The report must now be shared with law firm Slater & Gordon, which is pursuing the class action on behalf of Optus customers impacted by the data breach. It is expected that while the report is not being released to the public, portions of it will likely become public as the class action proceeds.
Ben Hardwick, class actions practice group leader at Slater & Gordon, is pleased by the Federal Court’s decision.
“Despite refusing to accept the umpire’s decision, Optus must now hand over the Deloitte report into how millions of its customers’ private information was accessed as a consequence of the 2022 data breach,”
- Black Orchid
- Posts: 25683
- Joined: Sun Sep 25, 2011 1:10 am
Re: MediSecure not secure - massive hack.
It's nice to see some moral common sense prevail occasionally.The Australian Federal Court has ruled that Optus will not be able to keep a report it commissioned from professional services firm Deloitte regarding its 2022 cyber attack out of the hands of lawyers representing a class action against the telco.
Who is online
Users browsing this forum: No registered users and 36 guests