Australians fearing they may be caught up in one of the country’s biggest cyber attacks must now be on constant alert for potential scams, as experts have revealed how to protect themselves.
MediSecure, an online prescription provider, was compromised by hackers earlier this year, with the personal data of 12.9 million Australians stolen and posted on the dark web.
Names, birth dates, addresses, phone numbers, email addresses, Medicare numbers, prescription information and reasons for medication were among the 6.5 terabytes of data stolen by hackers.
The company revealed on Thursday that nearly 13 million Australians who used its prescription delivery service between March 2019 and November 2023 were affected.
But they said they have not been able to identify exactly who the victim is due to the “complexity of the data set.”
Professor Matthew Warren, director of RMIT’s Centre for Cyber Security, said Australians won’t know if they are victims of a breach until they notice a threat to their personal safety.
He said this can include scammers applying for loans in their name, affected credit scores or scammers trying to contact them directly.
“There are a number of malicious ways that cybercriminals and identity thieves can use personal data,” she told Daily Mail Australia.
Nearly 13 million Australians have been affected by one of the country’s largest data breaches, after hackers stole information from MediSecure’s data servers in April.
‘Through direct attacks, they can apply for loans or lines of credit, make purchases with credit cards, access financial accounts, etc.
‘Another concern is that attacks could use information to try to take over online accounts or identities.’
UNSW cybersecurity expert Professor Sanjay Jha said that when malicious cyberattacks on businesses and organisations result in breaches, it can take some time for that personal information to reach professional hackers or others trying to make money from the stolen data.
“Much of this information, when obtained through a cyberattack, is then sold on the dark web and perhaps then purchased by hackers who create phishing sites designed to obtain the additional credentials they need to log into bank accounts and steal money,” he said.
‘Personal data is a valuable commodity. Even if credentials are not stolen, they can be sold as marketing information.
‘But if there is a specific piece of identity, that can kick off cybercrime because it helps bad actors build your profile and maybe use social engineering to try to get the full information they need to log into your banking system or compromise your medical records.
“Simply knowing your mobile phone number and whether you are a man or a woman can be enough to get criminals started.”
However, Professor Jha said anyone who believes their personal information has been compromised in the attack should not panic but be on alert.
“(The stolen personal data is) a lot of information,” he said.
‘With phone numbers and email addresses being stolen, potential victims will need to worry about phishing emails or SMS-based scams.
‘Be careful not to click on posts and if you receive a message from someone claiming to be from a service, such as AusPost, make sure you go to the authorised website.’
MediSecure was one of two electronic prescription delivery services operating in Australia until the end of 2023
Professor Jha said the data could also be used by fraudsters to target victims’ bank accounts or accounts at other institutions, as details such as someone’s date of birth are often used as a verification tool when speaking to customer service over the phone.
However, he stressed that the responsibility for monitoring fraudsters also lies with banking companies and other organisations that handle personal data, which he believes will look to strengthen their security measures in the wake of the attack.
He said anyone concerned they may be affected could take precautionary measures now by reviewing their digital security.
‘Reset your passwords: If (the website or company) offers multi-factor authentication, use it,’ he said.
Use strong passwords, and instead of writing them down on paper, try using a password management system.
“It can be a little tricky, but it keeps you safer.”
Both Professor Jha and Professor Warren urged Australians who suspect they have been victims of cybercrime to follow the advice provided by the Government of Australiawhich includes reporting the incident and contacting financial institutions.
MediSecure first became aware of the breach on April 13 when suspected ransomware was discovered on a server containing sensitive personal and health data, and later publicly confirmed the attack in May.
The attack is believed to be linked to a well-known Russia-based ransomware group.
Stolen data includes Medicare numbers, prescription information and reasons for medication (file image)
On Thursday, MediSecure and its administrators publicly announced that the company has ceased its investigation into the cyber incident that affected the company earlier this year.
A sample of personal information has been exposed on the dark web, but the company said it was unable to identify the specific individuals affected due to the complexity of the data and the cost of doing so.
The federal government was not aware of the release of the full data set, national cybersecurity coordinator Lt. Gen. Michelle McGuinness said on X, formerly Twitter.
“No one should be searching for or accessing stolen sensitive or personal information on the dark web,” Lt. Gen. McGuinness said Thursday.
Prime Minister Anthony Albanese said the government was working with the Australian Federal Police and the private sector to address national security and privacy concerns.
“This is a very significant cyber event,” Albanese told reporters in Cairns on Friday.
Prime Minister Anthony Albanese has urged Australians to be vigilant following the attack
‘It’s not the first and it won’t be the last.
“We know that some state actors have been involved in cyberattacks, but we also know that criminal elements, both here and abroad, have also been involved.”
Australians have been urged not to respond to unsolicited messages about the data breach as they could be scam attempts.
Bad actors have launched cyberattacks against a range of Australian sectors.
Thousands of Western Sydney University employees were victims of a data breach in May, less than a year after highly confidential Victorian government information was stolen and leaked online.
Millions more Australians have had their data compromised in attacks on Optus, Ticketmaster and Medibank.
Mr Albanese has encouraged Australians to be more aware of cyber threats as they proliferate.
MediSecure was one of two electronic prescription delivery services until the end of 2023, with the Australian government awarding the service exclusively to eRx Script Exchange.
The company appointed liquidators and went into administration in June, and is not part of Australia’s digital health network.
The national prescription delivery service eRx is not affected by this cyber incident, the government confirmed.
(tags to translate)dailymail
