Australian healthcare company MediSecure has suffered a “large scale” ransomware attack, putting individuals’ personal and health information at risk.
The electronic prescriptions provider confirmed the incident in a statement on May 16, which it admitted has impacted the personal and health information of individuals.
The company confirmed that the attack was caused by an attack on a third-party supplier.
No indication has been given as to the nature of the information that has potentially been accessed. Currently, no data appears to have been released online and the attackers have not been identified publicly.
Medisecure’s website and phone lines are also out of operation at the time of writing.
“While we continue to gather more information, early indicators suggest the incident originated from one of our third-party vendors,” MediSecure commented.
The firm said it has taken immediate steps to mitigate any potential impact on its systems and is actively assisting Australia’s National Cyber Security Coordinator to manage the incident.
The Office of the Australian Information Commissioner and other key regulators have also been notified.
Australia’s National Cyber Security Coordinator, Lieutenant General Michelle McGuinness, commented on 16 May: “I am working with agencies across the Australian Government, states and territories to coordinate a whole-of-government response to this incident.”
The incident is also being investigated by the Australian Federal Police.
Both MediSecure and McGuiness said they will continue to provide updates when they become available.
Healthcare Targeted by Ransomware Yet Again
The MediSecure incident follows a broader trend of healthcare organizations being targeted by ransomware attacks.
Comparitech researchers have logged 24 confirmed ransomware attacks on US healthcare organizations so far in 2024. This followed 126 such attacks in 2023, which affected at least 17.6 million records.
A ransomware incident is currently affecting US private healthcare giant Ascension, which has led to ambulances being diverted and patient appointments being postponed. The attack has reportedly been perpetrated by the Black Basta ransomware group.
In February 2024, US health payment provider Change Healthcare was also hit by a ransomware attack, severely disrupting patient care across the US.
Change’s owner UnitedHealth later confirmed that it paid the BlackCat ransomware group a ransom to restore its systems, reportedly around $22m, to restore its systems.
Healthcare is a lucrative target for ransomware attackers, due both to the highly sensitive information held and the potential harm to patient health.