View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
October 20, 2022

Customer data stolen in Medibank hack, health insurer confirms

The Australian private healthcare insurer confirmed today that sensitive data is in the hands of criminals.

By Claudia Glover

Health insurance company Medibank, which has four million customers, is the latest Australian organisation to be hit with a cyberattack in recent months. The criminals claim to have stolen 200GB of data from the company’s systems.

Medibank has confirmed that data obtained by unknown hackers contains highly personal information from its clients including first and surnames, policy numbers and claims data consisting of “location of where a customer received medical services and codes relating to their diagnosis and procedures”. The company has not commented on how the criminals gained access to such sensitive information.

Medibank cyberattack
Australian private health insurer Medibank hit with cyberattack. (Photo by Nils Versemann/Shutterstock)

The private health insurer confirmed last Thursday that it had suffered a cyberattack and was investigating the consequences, and an update today confirmed that the data had been accessed. In the aftermath of the attack, the company said it had temporarily blocked and isolated access to AHM, one of the insurance brands the company runs, as well as international student policies.

Medibank is working with the Australian Cybersecurity Centre, the Federal Police, cybersecurity firms and government stakeholders in an ongoing investigation. The company has not yet replied to a request for comment from Tech Monitor, or confirmed if a ransom demand has been received.

Medibank cyberattack

According to its most recent update, the company has been contacted by cybercriminals who claim to have stolen 200GB of data from its systems. They have provided a sample of records for 100 policies, which, “we believe has come from our AHM and international student systems,” Medibank says.

“This claims data includes the location of where a customer received medical services and codes relating to their diagnosis and procedures,” it continues.

The criminals claim to have stolen other information, including data related to credit card security, but this has not yet been verified by Medibank.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

Medibank’s systems were back and running on Friday after they were migrated onto new IT infrastructure, the company has confirmed that its systems were not encrypted. Medibank has placed a trading halt on its shares until further notice.

Medibank CEO David Koczkar said: “I unreservedly apologise for this crime which has been perpetrated against our customers, our people and our broader community. I know that many will be disappointed with Medibank and I acknowledge that disappointment. This cybercrime is now the subject of an investigation by the Australian Federal Police. We will learn from this incident and share our learnings with others. Medibank will remain open and transparent and will continue to provide comprehensive updates as often as we need to.” 

This attack comes weeks after the Optus breach, which saw the records of just under ten million customers of the telecoms company being compromised in an attack, which Australia’s minister for cybersecurity Clare O’Neil called a “basic hack”. O’Neil suggested that Australia could change its cybersecurity regulations in the wake of the attack.

Neena Sharma, senior strategist at security vendor Clavister, said: “The data breach suffered by Medibank is worrying, especially following the Optus cyberattack which also hit Australia only a few weeks ago. Highly sensitive personal information was accessed by the hackers, which raises concern about adequate cyber protection. Businesses and industries that hold large amounts of sensitive consumer data, such as health insurers, the transportation sector, and the banking sector, must invest better in safeguarding technologies to prevent hackers from accessing personal information.”

Read more: Amazon eyes UK insurance market move

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.