Australian Police have launched an investigation following reports of private medical data from the country’s public health-care system being sold on the dark web, the government said on Tuesday.
“Claims made in the Guardian newspaper that Medicare card numbers are able to be purchased on the dark web are being taken seriously by the government and are under investigation,’’ Human Services Minister Alan Tudge said in a statement.
“The security of personal data is an extremely serious matter,’’ Tudge said.
The Guardian reported that one of its own reporters was able to buy his Medicare card number from a “darknet’’ trader for less than 23 U.S. dollars using bitcoin, a digital currency.
The dark web is a part of the internet operated anonymously using tools that shield users’ identities and online activities.
It has been linked to cybercrime and trade in illicit goods, such as weapons and narcotics.
Australian federal police began their investigation after receiving a referral from the government “in relation to a suspected Medicare data breach,’’ a police spokesperson told dpa in a statement.
The federal police are “undertaking an evaluation of the matter referred and as such it would not be appropriate to comment further.’’
It is not certain how the darknet operators came to obtain Medicare card details, which are not available publicly, but the newspaper said it has sold at least 75 sets of Medicare details since October and probably many more before that.
Tudge said that he had been assured that the information obtained was “not sufficient’’ to access personal records, but there are fears hackers could use the data for criminal purposes such as identity theft.
The Guardian said that stolen identities have been used by drug syndicates to buy, lease goods, property or cars.
The card details could also be used to defraud the government of tax rebates.
“In 2015 a police strike force targeted a group that was using Medicare card details to direct rebate payments into fraudulent bank accounts,’’ the newspaper said.
The opposition Labour party said that the government’s response was weak.
“It is absolutely critical that the government explains today, immediately how many records have been breached, when did the government find out that this security risk was occurring,’’ Tanya Plibersek, acting opposition leader, told reporters in Melbourne.
The Australian government has suffered series of embarrassing data breaches in recent years, including personal details of world leaders at the last G20 summit held in Brisbane in 2015 that was accidentally released by the immigration department.