MediSecure put into administration weeks after data breach

Online prescription provider MediSecure has collapsed into administration and liquidation just weeks after a large-scale ransomware attack resulted in customer data being leaked onto the dark web.
The Melbourne-based healthcare provider last month confirmed that a massive data breach had occurred, with the personal information and some limited health information of people who used the service subsequently published on a dark web forum.

MediSecure, active since 2009, was a national prescription delivery service provider that allowed prescriptions to be delivered from prescribers to a pharmacy of the individual’s choice.

But on Wednesday, FTI Consulting was appointed as a voluntary administrator of Medisecure Limited and liquidator of its subsidiary, Operations MDS Pty Ltd.

Vaughan Strawbridge and Paul Harlond have been appointed administrators and liquidators of a subsidiary called Operations MDS Pty Ltd.

In a statement, they said MediSecure had been in contact with the federal government about the breach.

“Our role as administrators and liquidators involves investigating the company’s affairs to identify the reasons for its failure and examining options that may be available to recover assets for the benefit of the companies’ creditors,” Strawbridge said.

“We will be talking to the Australian Government about what they need from the company and the next steps in responding to the cyber incident.”

The first meeting of creditors will take place on June 14.

After the data breach was first detected, MediSecure took immediate steps to mitigate any impact on its systems.

“MediSecure takes its legal and ethical obligations seriously and believes this information is concerning,” the company said in a May 16 statement.

In a further statement on May 24, the company confirmed that a dataset containing customers’ personal information and some limited health information had been made available on a dark web forum.

“While MediSecure is working urgently to notify those affected, we wish to reiterate and reassure the Australian community that this cybersecurity incident does not impact ongoing access to medicines,” they said.

The eHealth company said the cyber incident likely originated from an issue with one of its third-party vendors.

At the time, cybersecurity coordinator Michelle McGuinness said authorities were investigating the cause of the breach.

The latest breach follows health insurance giant Medibank falling victim to a major cyber attack that affected the personal data of 9.7 million people in 2022.

The attack was believed to be linked to a known ransomware group based in Russia.

The Australian Signals Directorate revealed in its annual cyber threat update that almost 94,000 cyber crime reports were made to police in 2022-23, a 23% increase on the previous year.

Read related topics:Melbourne

Leave a Comment

URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL URL