The data stolen includes personal details and sensitive health information.
Up to 12.9 million Australians have had their personal and health information stolen and uploaded to the dark web by a “malicious third-party actor” after electronic prescriptions provider MediSecure was hacked.
The ePrescription company first became aware of a breach on April 13 when suspected ransomware was discovered in a database server that contained personal and health information before publicly confirming the cyber attack in May.
MediSecure on Thursday revealed about 12.9 million Australians who used the company’s prescription delivery service from March 2019 to November 2023 were impacted after their data stolen by a malicious third-party actor.
Included in the 6.5 terabyte of data stolen included names, dates of birth, addresses, phone numbers, Medicare numbers, prescription information and the reasons for the medication.
The company is reviewing a data set of personal information which has been exposed on the dark web to identify and notify those impacted.
The federal government was not aware of publication of the full data set, National Cyber Security Coordinator Lieutenant General Michelle McGuinness said on X, formerly Twitter.