Medicare Card Numbers ‘Being Sold on Dark Web’, Alan Tudge Calls for AFP to Investigate
Minister for Human Services Alan Tudge has asked his department and the Australian Federal Police to investigate reports Medicare card numbers are being sold on the “dark web”.
It follow revelations a Guardian Australia journalist was able to buy their own Medicare details from a darknet trader who is illegally selling the information by “exploiting a vulnerability” in a government system.
“Claims made in the Guardian newspaper that Medicare card numbers are able to be purchased on the dark web are being taken seriously by the Government and are under investigation,” Mr Tudge said in a statement.
The minister said the journalist was only able to obtain a Medicare card number and was not able to access any personal health records.
However, he said any “apparent unauthorised access to Medicare card numbers is nevertheless of great concern”.
Acting Opposition Leader Tanya Plibersek said she was “extremely concerned” about the alleged privacy breach and demanded the Government reveal when it first became aware of it and how many people had been affected.
“This is a very, very serious privacy breach,” she said.
“We have seen weak statements that don’t go to the key issues about how many records, how long they have been available, when the Government knew and what have they done.
Mr Tudge said there was no indication there had been a wide-scale breach in the department.
“The advice I have received from the chief information officer in my department is that there has not been a cyber security breach of our systems as such, but rather it is more likely to have been a traditional criminal activity,” he said.
If the Medicare numbers supplied by the vendors are accurate, it could allow criminal groups to create fake cards and conduct identify fraud.
The cards could potentially be used to purchase drugs or be used as identification to buy other goods.
This is not a new problem for the Government. In 2015, Senate estimates heard details of 369 cases of Medicare identity theft over two years, prompting the creation of a police strike force to investigate sham payments.
But the nature of this potential breach is likely to generate more discussion about the ability of government agencies to hold and secure personal data from potential theft or misuse.
The so-called dark web is hidden to most internet users and allows people to remain anonymous and untraceable while online, potentially allowing them to purchase or engage in criminal activities.
It is also the home of online black markets — such as the Silk Road — which are commonly accessed by using software that hides a user’s location and search history.
The dark web is not indexed by search engines, which means its contents will not appear during routine searches in Google. For many, its contents are hidden.
Government agencies routinely monitor activities on the dark web to ensure personal data held by departments has not been inappropriately accessed, and then resold.
Please click here to view the original article.