Medibank has suffered a ‘significant cyber security incident’. Here’s what we know so far

Australia’s largest private health insurer has suffered a “significant cyber security incident”, just weeks after an attack on telecommunications giant Optus saw the personal data of millions compromised.
Medibank — a multibillion-dollar business with more than 3.9 million customers — revealed last week that it had detected “unusual activity” on its network. It said it had swung into action to contain the incident, and engaged “specialist cyber security firms”. There was “no evidence” customer data had been stolen.
But the situation now appears to be taking a more serious turn, with after alleged hackers who claim to have stolen Medibank customer data contacted the private health insurer wanting to negotiate.

The publicly-listed company has also entered a trading halt on the ASX, which will continue “until further notice”.

What data do the hackers have?

In a statement released on Thursday, Medibank said it had been contacted by someone claiming to have 200 gigabytes of customers’ personal data.
In a bid to seemingly bolster their claim, the person provided Medibank with a data sample. That included 100 policies that the private health insurer believes has come from ahm (a Medibank subsidiary) and international student systems.
The data included first and last names, dates of birth, addresses, policy, phone, and Medicare numbers, as well as some claims data, according to Medibank.
“This claims data includes the location of where a customer received medical services, and codes relating to their diagnosis and procedure,” Medibank said in a statement on Thursday,

“The criminal claims to have stolen other information, including data related to credit card security, which has not yet been verified by our investigations.”

Medibank CEO David Koczkar offered an apology acknowledging the news would concern customers. Source: AAP / Bianca De Marchi

On Wednesday, Medibank said it had been contacted by the hacker who wanted to negotiate over the data they claim to have stolen.

Nine Newspapers reported that the hacker unless the health insurer pays a ransom.
Medibank nor authorities have yet revealed what the alleged hackers are demanding in order to halt the release of customer data they claim to have.
Director of the Australian Strategic Policy Institute’s International Cyber Policy Centre, Ferguson Hannon, told ABC Television on Thursday the hackers’ claims sounded “fairly credible”.

“The fact the company is going to these lengths to disclose what is going on and being quite transparent with customers about this evolving story suggests they do have genuine data and potentially it will be problematic for customers as well,” Mr Hannon said.

How has Medibank responded?

Medibank said it would contact customers who it knows have been caught up in the cyber attack, and it expects more will be affected as the incident develops.
“Medibank urges our customers to remain vigilant, and encourages them to seek independent advice from trusted sources, including the ,” it said in a statement on Thursday.
“As always, Medibank will never contact customers requesting passwords or other sensitive information.”
Medibank CEO David Koczkar apologised “unreservedly” for the incident and said he knew customers would be “disappointed” with the health fund.

“Medibank will remain open and transparent and will continue to provide comprehensive updates as often as we can and need to,” Mr Koczkar said in a statement.

A woman speaking.

Cyber Security Minister Clare O’Neil said the situation was concerning and that agencies were working to stop the data from being released on the internet. Source: AAP / Mick Tsikas

Earlier, Medibank said it was “working urgently” to verify the authenticity of the hackers’ claims.

The health insurer said protection of customer data remained a priority.
“Medibank systems have not been encrypted by ransomware, which means usual activities for customers continues,” it said in a statement on Wednesday.

It said it held a “range of necessary personal information of customers” as a company providing health insurance and services.

How has the federal government responded?

An investigation into the cyber attack has been launched, with federal government agencies examining the incident and working alongside Medibank.
Cyber Security Minister Clare O’Neil said the situation was concerning and that agencies were working to stop the data from being released on the internet.
Ms O’Neil, who labelled the attack a “significant cyber security incident’, said it was too early to tell how many customers had been affected by the Medibank hack after speaking with Mr Koczkar.
Medibank is now working alongside federal police and the Australian Signals Directorate to manage the breach.
Ms O’Neil said the attack — which follows — was a wake-up call for business.
“This is the new world that we live in, we are going to be under relentless cyber attack essentially from here on in,” Ms O’Neil told ABC Radio on Thursday.
“We need to do a lot better as a country to make sure that we are doing everything we can within organisations to protect customer data and also for citizens to be doing everything they can.”

With additional reporting by AAP.

File source

Show More

Related Articles

Back to top button