On Thursday last week, Australian media began reporting that an unnamed “commercial health information organisation” had been targeted by cyber criminals. Within hours, reports quickly confirmed that data relating to digital prescriptions for Australian patients had been caught up in a ransomware incident at the Melbourne-based MediSecure . The public may be concerned at the lack of information shared to date, with the Australian government still saying it is in the preliminary stages of its response, and investigations are ongoing.
It is quite normal for such investigations to take time. In fact, it’s likely to be several days (even weeks) before we have a full picture of the impact. While these investigations progress, it is important to be alert to opportunistic scams that are likely to emerge in the coming days – even if you have never received a digital prescription.
MediSecure provided digital prescription (eScript) services across Australia until late 2023. The company would have held personal details and some limited medical data relating to prescriptions. If you received a prescription (via email or SMS) prior to November, it is possible your medical practice was using the MediSecure prescription system.
You can potentially check this by consulting older scripts and seeing if the hyperlink was issued via MediSecure. However, there is currently no information that would allow us to determine who is affected. For many, this will be disappointing as there would .