The health company at the centre of a recent cyber attack has gone into administration, just weeks after it asked the federal government for a bailout.
eScript provider MediSecure, which provides electronic prescriptions for dispensing of medications, confirmed it was the victim of a large-scale ransomware data breach in May.
Some of the information stolen, including patient data relating to scripts and the personal information of healthcare providers, is now on the dark web for sale. The dark web is only accessible via specialised web browsers and is often used to sell illegal items, including stolen data.
The company went into administration on Monday but the details have only been released on Wednesday. Vaughan Strawbridge and Paul Harlond of FTI Consulting have been appointed as the administrators of MediSecure and liquidators of a subsidiary entity of MediSecure known as Operations MDS Pty Ltd.
In a statement Mr Strawbridge said the company recognised the concern and impact of the cyber incident.
“The company has been in contact with the Australian government with respect to providing information in response to that incident,” he said.
“Our role as administrators and liquidators includes investigating the affairs of the company to identify reasons for its failure, and to examine options that may be available to recover assets for the benefit of creditors of the companies.
“We will be speaking to the Australian government about what they need from the company and the next steps in the response to the cyber incident.”
Last month MediSecure requested a bailout from the federal government, but the request for financial support was declined.
It was the first time a request for financial support had been made by a private company following a cyber attack. The federal government’s role is to provide technical assistance following an attack and it has never handed over cash to private companies.
In a statement issued on Friday, MediSecure defended its request for funding.
“MediSecure wishes to clarify that it sought funding from the Commonwealth government for the limited and confined purpose of assisting with the costs associated with responding to the incident, and the request was not for funding MediSecure’s operational costs unrelated to the cyber-attack,” the statement said.
The first meeting of creditors of MediSecure will be held within a few weeks.
To date, MediSecure has never detailed how many Australians have been affected by the attack or the extent of the data stolen, despite demands from the federal government for details.
Home Affairs and Cyber Security Minister Clare O’Neil said she asked the company to publicly outline what it knew and to notify those that had been affected, but was yet to receive a response.
“It has taken an unacceptably long time for MediSecure to provide clarity on the details of data that may have been stolen from them in the recent data breach,” she said in a statement on Friday.
“At this stage, we do not know the extent of the breach. However, people who may be affected need to be equipped with that knowledge so they can take appropriate precautions.
“The public would reasonably expect more regular updates on the progress of that process.”
MediSecure said it was trying to provide answers.
“We have also been working with cyber and forensic experts from McGrathNicol Advisory in collaboration with the National Cyber Security Coordinator, to endeavour as quickly as possible to confirm the extent of the data breach and all individuals impacted,” the statement said.
“We are grateful for their support, without which we would be unable to make progress with respect to the incident response.
“We appreciate this process has taken time, and MediSecure has continued to make every effort to assist the government in responding to this cyber-attack.”
The National Cyber Security Coordinator continues to lead the response to the attack, with federal police investigating.
Posted , updated