We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

MediSecure Customer Data Is Being Sold on the Dark Web

MediSecure Customer Data Is Being Sold on the Dark Web
Author Image Husain Parvez
Husain Parvez Published on 30th May 2024 Cybersecurity Researcher

Australian digital prescription services provider MediSecure has confirmed a significant data breach following a ransomware attack, resulting in the theft of 6.5 terabytes of sensitive information. The stolen data, which includes personal and health information of patients and healthcare providers, has been put up for sale on a dark web forum for $50,000.

MediSecure, which operated as a prescription delivery service across Australia until late 2023, disclosed the data breach earlier this month. The incident is believed to have originated from one of its third-party vendors, according to MediSecure. "MediSecure is aware that a data set containing the personal information and limited health information of our customers has been made available on a dark web forum," the company stated in an update on its website.

The threat actor, using the alias Ansgar, posted screenshots as proof of possession of the stolen data, which includes names, addresses, email addresses, phone numbers, insurance numbers, prescription information, and login details. Ansgar's forum account was created just one day before MediSecure publicly disclosed the data breach, and the hacker's first post announced the intent to sell the stolen information.

The Australian National Cyber Security Coordinator (NCSC) has urged Australians not to seek out stolen data on the dark web. "Australians should not go looking for this data. Accessing stolen sensitive or personal information on the dark web only feeds the business model of cybercriminals," the NCSC stated.

The Australian police and multiple government agencies are investigating the breach. While the identity of the threat actor remains unknown, it appears they are not part of a traditional ransomware group, who typically operate their own leak site.

MediSecure has not been a participant in Australia's digital health network since late 2023, so the breach does not impact the current prescribing and dispensing of medications.

Adding to the complexity of the situation, MediSecure has requested financial support from the federal government to help cover operating costs following the attack. According to ABC News, this request has been declined. This marks the first time a private company has asked for government financial support following a cyber attack.

This incident follows the ongoing trend of healthcare and public health agencies being targeted by cybercriminals. In previous high-profile breaches, organizations like HCA Healthcare and Change Healthcare have also been targeted, indicating a persistent threat to the healthcare sector.

About the Author

Husain Parvez is a Cybersecurity Researcher and News Writer at vpnMentor, focusing on VPN reviews, detailed how-to guides, and hands-on tutorials. Husain is also a part of the vpnMentor Cybersecurity News bulletin and loves covering the latest events in cyberspace and data privacy.