Australia markets open in 4 hours 19 minutes

    +39.40 (+0.49%)

    -0.0026 (-0.40%)
  • ASX 200

    +34.20 (+0.44%)
  • OIL

    -0.26 (-0.33%)
  • GOLD

    -35.20 (-1.49%)
  • Bitcoin AUD

    -2,512.04 (-2.44%)
  • CMC Crypto 200

    +7.30 (+0.52%)

MediSecure cyber attack: Australian prescription company reveals ‘large-scale ransomware’ breach

The government is investigating a data breach of a health provider.

Australian prescription company MediSecure has fallen victim to a “large-scale ransomware” data breach. A government investigation is now underway and the company has taken "immediate steps to mitigate any potential impact".

National Cyber Security Coordinator Michelle McGuinness said she had been advised of the breach incident on Wednesday afternoon. She did not name the company, but the electronic prescriptions provider has now pulled down its website.

MediSecure said it had "identified a cyber security incident impacting the personal and health information of individuals".

MediSecure data breach
MediSecure data breach (Source: MediSecure/Getty)

Do you have a story to share? Contact

"We have taken immediate steps to mitigate any potential impact on our systems," MediSecure said.


"While we continue to gather more information, early indicators suggest the incident originated from one of our third-party vendors."


Lieutenant McGuinness said she was working with agencies across the Australian government, states and territories to coordinate a "whole-of-government response to this incident".

"We are in the very preliminary stages of our response and there is limited detail to share at this stage, but I will continue to provide updates as we progress while working closely with the affected commercial organisation to address the impacts caused by the incident."

Lieutenant McGuinness said the Australian Cyber Security Centre was aware of the incident and the Australian Federal Police was investigating.

Cyber Security Minister Clare O’Neil said she had been briefed on the incident and updates would be provided “in due course”.

In 2022, there was a major cyber breach of health insurance giant Medibank and the personal information of 9.7 million customers, including names, dates of birth and Medicare numbers, were stolen.

Russian man Alexsandr Ermakov was identified as the person responsible for the cyber attack by authorities.

Get the latest Yahoo Finance news - follow us on Facebook, LinkedIn and Instagram.