National

Cyber security warning after Medibank hack

By AAP Newswire

Oct 20, 2022

MEDIBANK STOCK — The Medibank data hack is a wake-up call for businesses, the federal government says. -AAP Image

Following a hacking incident at Medibank, Cyber Security Minister Clare O'Neil says Australian companies must do more to protect customer data.

Hold tight - we’re checking permissions before loading more content

The health insurer on Wednesday revealed it had received messages from the alleged hackers claiming they had removed customer data, less than a week after it was hit by a cyber attack.

The alleged hacker said they have 200Gb of stolen data - including names, addresses, dates of births and Medicare and phone numbers - along with locations of where customers got medical treatment and other information about diagnoses and procedures.

An investigation has been launched, with federal government agencies working alongside Medibank.

They say affected customers were contacted beginning on Thursday morning, adding they expect the amount of people involved to grow.

Medibank chief executive David Koczkar unreservedly apologised to everyone affected by the incident.

"I know many will be disappointed with Medibank and I acknowledge that disappointment," he said.

"We will learn from this incident and will share our learnings with others ... Medibank will remain open and transparent and will continue to provide comprehensive update as often as we can and need to."

The Medibank hack, following the recent widespread data breach at telecommunications company Optus, is a wake-up call for business.

Ms O'Neil said the situation was concerning and that agencies were working to stop the data from being released on the internet.

"This is the new world that we live in. We are going to be under relentless cyber attacks essentially from here on in," the minister told ABC Radio on Thursday.

"We need to do a lot better as a country to make sure that we are doing everything we can within organisations to protect customer data and also for citizens to be doing everything they can."

Ms O'Neil said it was too early to tell how many customers had been affected by the Medibank hack after speaking with the insurer's CEO.

It is now working alongside federal police and the Australian Signals Directorate to manage the breach.

"The reason that I am so concerned about this ... is because, of course, of the sensitive nature of the information involved," Ms O'Neil said.

"What we have here is information that's held by this organisation, which is healthcare information, and that just on its own being made public can cause immense harm to Australians."

The Australian Securities Exchange-listed Medibank went into a trading halt after it was contacted by the alleged hackers.