Claims have surfaced that anyone’s Medicare details are available for purchase online. It’s scary stuff, given the potential implications including identity theft and access to medical records.
So what does it mean and how concerned should you be? We found out.
How it works.
The Guardian journalist Paul Farrell reported on Tuesday that the news site had found a seller on the “dark web” – a part of the internet that can only be accessed through specific software and authorisation – who was advertising the sale of Medicare card numbers.
Listen: What does a woman in her 20’s, 30’s and 40’s get targeted for?
Simply provide someone’s full name and date of birth and the sell will provide you with their Medicare number, the Guardian reports. The service can costs less than $30 and the vendor has sold at least 75 Australians’ Medicare card details since October 2016. Farrell tested it out with his own details, as has a journalist at SBS, but it’s unclear yet how the seller has access to these details and whether they could access every Australian’s card number.
Expert in internet safety and cybercrime at the University of Canberra, Nigel Phair, suggested to Mamamia that the seller was someone who had access to Medicare numbers through their work in an official capacity and that they are abusing this position. Minister for Human Services Alan Tudge backed this belief up on Tuesday when he described the crime as “traditional criminal activity”, rather than a cyber security breach.
Why it’s scary.
There are three main concerns identified so far if a person could access your Medicare card number.
Identity fraud. Criminals could create a fake card using real details to be used as a point of identification for buying or leasing goods, such as phones or cars, among other activities. A Medicare card counts as 25 points towards the 100 points of ID.
To buy drugs. The buyer could use the victim’s number on a fake card to buy prescription medication that can be used to make drugs.
Accessing medical data. This is an area of particular concern given that Australia will be moving to an opt-out policy for online medical records. In 2018, you’ll have to say “no” if you don’t want your medical records online.
However, Minister for Human Services Alan Tudge said the online seller does not grant you access to the person’s medical details, just their number. AMA President Dr Michael Gannon said he was reassured that people’s medical records were safe.
“I’ve sought and been given reassurances this morning… that there is no risk to people who have a MyHealth record. That’s been of great reassurance to me,” Dr Gannon told Nine News’ Tim McMillan this morning.
What’s being done about it.
On Tuesday, Minister for Human Services Alan Tudge said The Guardian‘s claims were been “taken seriously by the government and are under investigation”, with the matter referred to the Australian Federal Police.