MediSecure collapses into administration and liquidation after cyber ransom attack

A national provider of medical scripts has collapsed less than three weeks after it was hacked.

On Tuesday, digital prescription company MediSecure Limited went into administration, while the company’s subsidiary, Operations MDS Pty Ltd, went into liquidation.

Vaughan Strawbridge and Paul Harlond of restructuring firm FTI Consulting were announced as joint administrators and receivers of the two entities just before midday on Wednesday.

The Melbourne-based company has been operating since 2009 and specializes in electronic prescribing for healthcare professionals.

But last month, MediSecure fell victim to a massive ransomware attack that apparently made it impossible to continue business.

Customer details, including personal information and limited medical information, were published on the dark web.

In mid-May, the eHealth provider announced that it had discovered a cyber security incident and was working closely with cyber authorities.

“MediSecure is aware that a dataset containing personal information and limited health information about our customers is available on a dark web forum,” the company said.

“We urge Australians not to search for this data. Accessing stolen sensitive or personal data on the dark web only encourages future cybercriminal activity against Australian businesses.”

National Cyber ​​Security Coordinator Michelle McGuinness said at the time that she had been made aware of the MediSecure breach.

“I am working with agencies across the Australian Government, states and territories to coordinate a whole-of-government response to this incident,” McGuinness said last month.

“The Australian Cyber ​​Security Directorate is aware of the incident and the Australian Federal Police is investigating.”

Home Secretary Clare O’Neil also weighed in and called in top intelligence and security officials in response to the MediSecure crisis incident.

“I have been informed of this incident in recent days and the government has today convened a national coordination mechanism regarding this matter,” she wrote on X.

The newly appointed administrators of MediSecure said that they are cooperating with the relevant authorities and creditors.

“The company has been in contact with the Australian Government regarding the provision of information in response to this incident,” Mr Strawbridge said.

“We will be talking to the Australian government about what they need from the company and the next steps in responding to the cyber incident.”

The first meeting of creditors will be held this month.

At the end of last month, another healthcare provider failed, albeit for very different reasons.

Australia’s “leading” telehealth provider Ereports Pty Ltd has been ordered into judicial liquidation with debts estimated at more than $10 million.

In 2022, health insurance giant Medibank fell victim to a massive cyber attack that affected the personal data of 9.7 million people.

The attack is believed to be linked to a well-known ransomware group based in Russia.

The federal government released its seven-year cybersecurity strategy in November, allocating $565 million to help businesses report malicious hacks and ransomware attacks.

In its annual cyber threat update, the Australian Signals Directorate revealed almost 94,000 reports of cybercrime were made to police in 2022-23, a 23 per cent increase on the previous year.

The cyber agency has revealed that China is the main proponent of hacking into Australia’s critical infrastructure and businesses.

– Via NCA Newswire

Leave a Comment