How to know if you are one of the 12.9 million Australians affected by the MediSecure hack and what you should do NOW

Nearly 13 million Australians have been affected by one of the country's largest data breaches, after hackers stole information from MediSecure's data servers in April.

Australians fearing they may be caught up in one of the country’s biggest cyber attacks must now be on constant alert for potential scams, as experts have revealed how to protect themselves.

MediSecure, an online prescription provider, was compromised by hackers earlier this year, with the personal data of 12.9 million Australians stolen and posted on the dark web.

Names, birth dates, addresses, phone numbers, email addresses, Medicare numbers, prescription information and reasons for medication were among the 6.5 terabytes of data stolen by hackers.

The company revealed on Thursday that nearly 13 million Australians who used its prescription delivery service between March 2019 and November 2023 were affected.

But the company said it has not been able to identify exactly who the victims are due to the “complexity of the data set.”

Professor Matthew Warren, director of RMIT’s Centre for Cyber Security, said Australians won’t know if they are victims of a breach until they notice a threat to their personal safety.

He said this can include scammers applying for loans in their name, affected credit scores or scammers trying to contact them directly.

“There are a number of malicious ways that cybercriminals and identity thieves can use personal data,” he told Daily Mail Australia.

‘Through direct attacks, they can apply for loans or lines of credit, make purchases with credit cards, access financial accounts, etc.

‘Another concern is that attacks could use information to try to take over online accounts or identities.’

UNSW cybersecurity expert Professor Sanjay Jha said that when malicious cyberattacks on businesses and organisations result in breaches, it can take some time for that personal information to reach professional hackers or others trying to make money from the stolen data.

“Much of this information, when obtained through a cyberattack, is then sold on the dark web and perhaps then purchased by hackers who create phishing sites designed to obtain the additional credentials they need to log into bank accounts and steal money,” he said.

‘Personal data is a valuable commodity. Even if credentials are not stolen, they can be sold as marketing information.

‘But if there is a specific piece of identity, that can kick off cybercrime because it helps bad actors build your profile and maybe use social engineering to try to get the full information they need to log into your banking system or compromise your medical records.

“Simply knowing your mobile phone number and whether you are a man or a woman can be enough to get criminals started.”

However, Professor Jha said anyone who believes their personal information has been compromised in the attack should not panic but be on alert.

“(The stolen personal data is) a lot of information,” he said.

‘With phone numbers and email addresses being stolen, potential victims will need to worry about phishing emails or SMS-based scams.

‘Be careful not to click on posts and if you receive a message from someone claiming to be from a service, such as AusPost, make sure you go to the authorised website.’

MediSecure was one of two electronic prescription delivery services operating in Australia until the end of 2023

Professor Jha said the data could also be used by fraudsters to target victims’ bank accounts or accounts at other institutions, as details such as someone’s date of birth are often used as a verification tool when speaking to customer service over the phone.

However, he stressed that the responsibility for monitoring fraudsters also lies with banking companies and other organisations that handle personal data, which he believes will look to strengthen their security measures in the wake of the attack.

He said anyone concerned they may be affected could take precautionary measures now by reviewing their digital security.

‘Reset your passwords: If (the website or company) offers multi-factor authentication, use it,’ he said.

‘Use strong passwords, and instead of writing them down on paper, try using a password management system.

“It can be a little tricky, but it keeps you safer.”

Both Professor Jha and Professor Warren urged Australians who suspect they have been victims of cybercrime to follow the advice provided by the Australian Government, which includes reporting the incident and contacting financial institutions.

MediSecure first became aware of the breach on April 13 when suspected ransomware was discovered on a server containing sensitive personal and health data, and later publicly confirmed the attack in May.

The attack is believed to be linked to a well-known Russia-based ransomware group.

Stolen data includes Medicare numbers, prescription information and reasons for medication (file image)

On Thursday, MediSecure and its administrators publicly announced that the company has ceased its investigation into the cyber incident that affected the company earlier this year.

A sample of personal information has been exposed on the dark web, but the company said it was unable to identify the specific individuals affected due to the complexity of the data and the cost of doing so.

The federal government was not aware of the release of the full data set, national cybersecurity coordinator Lt. Gen. Michelle McGuinness said on X, formerly Twitter.

“No one should be searching for or accessing stolen sensitive or personal information on the dark web,” Lt. Gen. McGuinness said Thursday.

Prime Minister Anthony Albanese said the government was working with the Australian Federal Police and the private sector to address national security and privacy concerns.

“This is a very significant cyber event,” Albanese told reporters in Cairns on Friday.

Prime Minister Anthony Albanese has urged Australians to be vigilant following the attack

‘It’s not the first and it won’t be the last.

“We know that some state actors have been involved in cyberattacks, but we also know that criminal elements, both here and abroad, have also been involved.”

Australians have been urged not to respond to unsolicited messages about the data breach as they could be scam attempts.

Bad actors have launched cyberattacks against a range of Australian sectors.

Thousands of Western Sydney University employees were victims of a data breach in May, less than a year after highly confidential Victorian government information was stolen and leaked online.

Millions more Australians have had their data compromised in attacks on Optus, Ticketmaster and Medibank.

Mr Albanese has encouraged Australians to be more aware of cyber threats as they proliferate.

MediSecure was one of two electronic prescription delivery services until the end of 2023, with the Australian government awarding the service exclusively to eRx Script Exchange.

The company appointed liquidators and went into administration in June, and is not part of Australia’s digital health network.

The national prescription delivery service eRx is not affected by this cyber incident, the government confirmed.

AUSTRALIAN GOVERNMENT ADVICE FOR CYBER VICTIMS

You think you’ve been targeted by a scammer, but you haven’t given them your details or money

  • Report the scam to the National Anti-Scam Centre – Scamwatch.
  • Report the fraudulent account to the social media or other platform they used to interact with you.
  • If it appears that a scammer is posing as an Australian business, contact your state or territory fair trading organisation.
  • If you have opened a link on your computer or followed instructions on how to install software, you may have installed something malicious. Uninstall the program and run a full antivirus scan to check for any abnormalities.
  • If you have received a message on a work laptop or phone, please contact your IT department and let them know.

You have been scammed and lost money

  • Report the transactions to your bank or financial institution immediately.
  • Please complete a report via ReportCyber.
  • Stop all communication with the offender.
  • Report the fraudulent account to the social media or other platform they used to interact with you.
  • Change your passwords to protect your online accounts. Visit IDCARE for tips on how to protect your online accounts.

Do you think a scammer has stolen your personal information?

  • Contact your financial institution to protect your financial accounts.
  • Please visit idcare.org for advice on protecting your online accounts.
  • Contact any other services that use your personal identity documents (e.g. ATO or Services Australia) to protect your accounts.
  • Please complete a report via ReportCyber.
  • Make yourself a tougher target: Protect your social media and other personal accounts, such as your email.
  • Change the passwords for any other accounts you believe the scammer has accessed or now has access to. This could include bank, retirement, and email accounts. You should make it a priority to change the passwords for any accounts that have reused the same password as the compromised accounts.
  • Contact a credit reporting agency to see if any attempts have been made to open accounts in your name. For information on how to select an agency, visit IDCARE.

Source: cyber.gov.au
