Search This Blog

Powered by Blogger.

Blog Archive

Labels

Patient Privacy at Risk: Experts React to Health Company Data Leak

Data from millions of Australians exposed by ransomware attack. Potential risks warn experts, but healthcare system remains unaffected.

 


A report released by MediSecure states that it is the victim of a 'large-scale ransomware' data breach that is affecting the health and personal information of millions of individuals. According to the statement, the attack impacts personal and health information. Several of its third-party vendors are suspected of contributing to the breach, which has been reported to have originated from the vendor and it has stated that it is working with Michelle McGuinness, the National Cyber Security Coordinator, to manage the consequences of the breach. 

It was McGuinness's response to the recent data breach at MediSecure that led to an inability to access the company's data, so it is still unclear how much and what kind of data was impacted by the breach. As a result of a large-scale ransomware data breach targeting Australian healthcare company MediSecure, federal police are investigating the incident. The MediSecure website and phone hotline were both unavailable on Thursday. A statement from the company revealed that a cyberattack had caused the company to be offline.

In 2009, this Melbourne-based company established itself to provide electronic prescription services to healthcare providers. As a result of the breach, the company has informed regulators including the Office of the Australian Information Commissioner that it is assisting the Australian Digital Health Agency and the National Security Coordinator to manage the impact.   For further information, MediSecure has been contacted. Australia's National Cyber Security Coordinator, Lieutenant General Michelle McGuinness, told reporters on Thursday that the breach involved an anonymous “commercial health information organization.” 

Earlier in the week, the minister shared her experience on social networking site X, which is similar to Twitter. On Thursday, the government convened a National Coordination Mechanism to discuss the incident after she had been briefed about it earlier in the week. There has not been any data appearing online at the moment, and no ransomware group has claimed responsibility for the hack, O’Neil said. McGuinness is assisting with the company's management of the incident. 

In the eyes of Sadiq Iqbal, a cybersecurity adviser at Check Point Software Technologies, he was particularly concerned about the ransomware attack because it affected a significant healthcare provider that provided critical services. It was noted by McGuinness that the original compromise was isolated, and there is no evidence that the healthcare sector has been exposed to an increased risk of cyber-attack. It is a timely reminder for all organizations in the industry to review their cybersecurity practices in light of the breach, experts believe. 

According to Professor Nigel Phair from Monash University in Victoria, organizations must ensure they only collect, store and utilise the minimum amount of information they need to operate. There has been a major breach of the network at St Vincent's Health, the nation's largest not-for-profit health and aged care provider. Hackers could steal data from its network six months after St Vincent's Health suffered a cyberattack.

Additionally, it comes nearly two years after Australian health insurer Medibank suffered a data breach that compromised the personal information of nearly 10 million customers, including their names, birth dates, addresses, and telephone numbers, after nearly 10 million Australians complained of privacy breaches. An alleged perpetrator of the cyber breach was detained in Russia, which has been reported to be one of the biggest breaches ever to happen. It was announced late last year that Australia would no longer ban companies from making ransomware payments! Instead, the Australian government will introduce mandatory reporting requirements as a compromise.
Share it:

Cyberattacks

CyberCrime

Cybersecurity

CyberThreat

Data Safety

Health Check

McGuinness

MediSecure

Privacy