The incident recalls an October 2022 ransomware attack on Medibank, one of the country's largest health insurance providers, that led to the scandalous publication of sensitive healthcare data.
As part of the Medibank criminals' extortion attempt, sensitive healthcare claims data for around 480,000 individuals - including information about drug addiction treatments and abortions - was published on the dark web.
The move, alongside several other high-profile breaches, set off a range of cybersecurity reforms in Australia.
These included an updated national cybersecurity strategy that ultimately fell short of the government's initial intentions to ban ransomware payments in their entirety.
Following the Medibank incident, Australia, the United Kingdom and the United States imposed sanctions and travel bans on a Russian hacker, Aleksandr Ermakov, whom they accused of being involved in the extortion attempt.
Australia's national cybersecurity coordinator - an office established in the wake of the Medibank incident - said the government was aware of the MediSecure incident, and that the Australian federal police were investigating it.
Clare O'Neil, Australia's minister for cybersecurity, said she had been briefed on the incident.
SEC to require financial firms to have data breach incident plans.
Company that assists health care insurers discloses 2023 data breach.
This Cyber News was published on therecord.media. Publication date: Fri, 17 May 2024 11:55:14 +0000