Get used to it: Albanese says massive cyber attack affecting 13 million ‘won’t be the last time’
A cyber attack that led to the theft of personal data relating to almost half of all Australians will not be the last incident of its kind, the prime minister has warned.
Australian Prime Minister Anthony Albanese meets ADF personnel and Queensland Premier Steven Miles. (AAP Image/Dave Hunt)
Electronic prescriptions provider MediSecure revealed on Thursday 12.9 million customers had their data stolen, with an unknown amount uploaded to the dark web.
Prime Minister Anthony Albanese said the government was working with the Australian Federal Police and the private sector to address national security and privacy concerns.
“This is a very significant cyber event,” Mr Albanese told reporters in Cairns on Friday.
“It’s not the first and it won’t be the last.
“We know some state actors have been involved in cyber attacks, but we know also that criminal elements – both here and overseas – have been involved as well.”
Australians have been urged not to respond to unsolicited messages about the data breach as they could be scam attempts.
Bad actors have launched cyber attacks on a variety of Australian sectors.
Thousands of Western Sydney University staff fell victim to a data breach in May, less than a year after highly sensitive Victorian government information was stolen and leaked to the web.
Millions more Australians have had their data compromised in attacks on Optus, Ticketmaster and Medibank.
Mr Albanese has encouraged Australians to become more cyber aware as threats proliferate.
MediSecure first became aware of the breach on April 13 when suspected ransomware was discovered on a server containing the sensitive personal and health data, then publicly confirmed the attack in May.
Australians who used the prescription delivery service from March 2019 to November 2023 were impacted, the company revealed.
About 6.5 terabytes of data, which included names, dates of birth, addresses, phone numbers, Medicare numbers, prescription information and reasons for medication.
A data sample has been exposed on the dark web but MediSecure said it was unable to identify specific individuals impacted due to the complexity of the data and the cost of doing so.
The company appointed liquidators and went into administration in June.