Incident: The Medicare machine: patient details of ‘any Australian’ for sale on darknet | The Guardian
Australian Information Security Incident Reported: July 4 2017
A darknet trader is illegally selling the Medicare patient details of any Australian on request by “exploiting a vulnerability” in a government system, raising concerns that a health agency may be seriously compromised.
An investigation by Guardian Australia can reveal that a darknet vendor on a popular auction site for illegal products claims to have access to any Australian’s Medicare card details and can supply them on request.
The precise method the darknet seller is using to obtain the Medicare details remains unknown and may be difficult for government agencies to track.
The reference to “exploiting a vulnerability” suggests that the Medicare records are being accessed in real time, which is likely to cause serious concerns within health government agencies about whether their systems are compromised.