Australians told to keep getting medicines after hack

"We have not seen evidence so far to suggest that anyone needs to replace their Medicare card," she said on Friday.

"If our investigation turns up any evidence to suggest Australians' identities are at risk and they need to replace their documents, we will let them know."

The Australian Medical Association was briefed on the hack.

"The most important message today is that patients should not hesitate to get their medications dispensed as the current prescription delivery service is not affected by the breach," association president Steve Robson said.

The health department previously awarded MediSecure one of two contracts to provide e-script services until late 2023, when company eRx Script Exchange was given the job exclusively.

The Australian Competition and Consumer Commission in October gave permission for MediSecure to transfer publicly funded electronic prescriptions and to eRx.

Lt Gen McGuinness said she understood people were anxious about their personal information being affected but investigations took time.

"I want to assure everyone that we are working as fast as we can to complete our assessment and when we have further information to share about what has been impacted, we will share this with you along with what affected people may need to do to protect themselves," she said.

The Australian Federal Police and other government agencies are investigating the large-scale attack.

The breach is the latest in a series of hacks to hit large organisations, which have included damaging cyberattacks on telco Optus and Australia's largest private health insurer Medibank in 2022, and port operator DP World in 2023.

The government has introduced tough penalties for companies that fail to protect the information of their customers.