In May 2024, MediSecure โ€” an Australian e-prescriptions provider โ€” confirmed a large-scale ransomware attack that exposed the personal and health information of approximately 12.9 million Australians. This makes it one of the largest data breaches in Australian history.

Who is MediSecure?

MediSecure was one of two providers of electronic prescription delivery services in Australia. If you used electronic prescriptions in Australia before mid-2023, there is a high likelihood your data was held by MediSecure.

What data was exposed?

The breach exposed names, dates of birth, addresses, phone numbers, Medicare card numbers, healthcare identifiers, and prescription records โ€” including medication names, dosages, and conditions being treated. Prescription data is among the most sensitive health information that exists.

What happened to the data?

The attackers published 6.5 terabytes of data on the dark web after MediSecure entered administration and was unable to pay a ransom. The company subsequently went into liquidation, leaving breach victims with limited recourse against the organisation responsible.

What should you do?

  1. Check your breach exposure โ€” Run a free check to see what data of yours is currently in circulation.
  2. Contact Services Australia โ€” If you believe your Medicare details have been misused, call 132 011.
  3. Alert your GP and pharmacist โ€” They should be aware that your prescription history may be in the hands of malicious actors.
  4. Watch for medical identity fraud โ€” This occurs when someone uses your details to claim Medicare benefits or obtain prescription medications.
  5. Consider a personal data audit โ€” A DataGuard AU Personal Audit provides a complete picture of your digital exposure and a prioritised action plan.

Check your breach exposure free โ†’