Major Data Breach Affects 12.9 Million Australians
-
Loading... - Lester Kendrick
- 19 Jul 2024
- 70 Views
- 0 Like
- 0 Comment
In one of the largest cyber security breaches in Australia's history, MediSecure has confirmed that the personal data of 12.9 million Australians was stolen by hackers earlier this year. MediSecure, a company that facilitates electronic prescriptions and dispensing, went into voluntary administration in June after the government declined to provide a bailout.
Details of the Breach
Scale of the Breach:
MediSecure disclosed that approximately 12.9 million Australians were impacted, based on individuals’ healthcare identifiers. This breach is significant due to the sheer number of people affected.
Timing and Notification:
The hack occurred in April, but MediSecure did not notify the public until May. The delay in notification has raised concerns among the affected individuals and regulatory bodies.
Data Involved:
The breached server contained 6.5 terabytes of data, which is equivalent to billions of pages of text. However, due to the complexity of the data set and the encrypted nature of the server, MediSecure has been unable to determine exactly what data was compromised.
MediSecure went into voluntary administration in June, citing the financial strain caused by the breach and the lack of a government bailout. The company stated it could not afford the substantial costs required to identify the specific impacted individuals.
FTI Consulting, the administrators, issued a statement on Thursday evening confirming the extent of the breach. They highlighted the challenge of identifying the specific individuals affected due to the complexity and volume of the data involved.
“This made it not practicable to specifically identify all individuals and their information impacted by the incident without incurring substantial cost that MediSecure was not in a financial position to meet,” the statement said.
The investigation revealed that 6.5TB of data stored on the server was likely exfiltrated by a malicious third-party actor. The encrypted server could not be fully examined to determine the specific information accessed.
The breach has triggered widespread concern among the public and scrutiny from regulatory authorities. There are calls for improved cyber security measures and more stringent regulations to prevent such incidents in the future.
The incident underscores the need for robust cyber security protocols and the importance of timely public notification in the event of a data breach. It also highlights the financial vulnerabilities of companies facing such attacks and the potential need for government intervention or support.
The MediSecure data breach has had a profound impact on millions of Australians, exposing significant vulnerabilities in cyber security measures. As investigations continue, it is crucial for both private companies and government bodies to enhance their protective measures and ensure the safety of sensitive personal data.
