The government is investigating a ransomware data breach involving MediSecure, an electronic prescriptions provider. 

MediSecure, a company that facilitates electronic prescribing and dispensing of prescriptions, temporarily took down its website in response to the attack. 

In a public statement, the company acknowledged a cyber security incident impacting “the personal and health information of individuals”. 

Although the extent of the breach is still unclear, MediSecure suspects the attack originated from a third-party vendor.

The company says it took immediate steps to mitigate any potential impact on systems.

National cyber security coordinator Lt Gen Michelle McGuinness said limited information is currently available. 

“I am working with agencies across the Australian government, states, and territories to coordinate a whole-of-government response to this incident,” she said on social media platform X. 

Lt Gen McGuinness assured that “no current ePrescriptions have been impacted or accessed”.

MediSecure has also confirmed its collaboration with the Australian Digital Health Agency, the Australian Federal Police, and other relevant authorities to manage the incident's impacts. 

Cyber Security Minister Clare O'Neil noted that the government had convened a national coordination mechanism and would provide updates as the situation progresses.

MediSecure, along with eRx, had been awarded contracts by the federal government to provide PBS e-script services until late last year. 

The company continued to provide private prescription services after the tender was exclusively granted to eRx in a nearly $100 million agreement.

Steve Robson, president of the Australian Medical Association, has called for a “thorough and transparent investigation, backed by clear and consistent communication to the public and profession” to maintain trust in electronic health systems. 

More details are accessible here.