MediSecure hack update
The AMA has the following information for members following the MediSecure incident.
The AMA participated in a series of briefings with the Department of Home Affairs over recent weeks on the MediSecure cyber security incident.
Home Affairs has advised that data purporting to be from the data breach is listed as for sale on the dark web. We understand authorities are working to verify this and Home Affairs is still to provide further advice on whether the limited information published in the listing is genuine. The information under investigation purports to contain passwords for MediSecure.
At this stage, based on advice from Home Affairs, the current prescription delivery service is not impacted by the breach so you should continue to prescribe as per usual, patients should continue to have their prescriptions dispensed, and you do not need to change your Medicare provider number or PBS prescriber number.
The incident web page contains more information, including advice on cyber security.
The AMA strongly encourages all members to ensure they are following good cyber security practices.
- setting up and enabling multi-factor authentication for all accounts
- updating passwords, making sure you use strong passwords of 14 or more characters, and making sure you have a unique password for every account. Password managers can aid with this
- installing software updates regularly to keep your devices secure.
The Australian Digital Health Agency has a web page with more information and resources to help healthcare providers with their cyber security.