2 min read

Hackers Hit Australian Insurer Medibank

Filip TRUȚĂ

October 14, 2022

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Hackers Hit Australian Insurer Medibank

Medibank, one of the largest private health insurance providers in Australia, has issued a statement informing customers that it suffered a cyber-intrusion, causing it to restrict some access to its services.

Medibank, which covers around 3.7 million people as of last year, operates as a publicly listed company on the Australian Securities Exchange. It is the parent company of ahm, which covers health, travel, cars, homes and even pets.

‘Unusual’ network activity

On the morning of October 13, the insurer issued a statement saying it “detected unusual activity on its network.” The discovery prompted its IT staff to take immediate steps to contain the incident, as well as to engage expert help from the cybersecurity sector.

“At this stage there is no evidence that any sensitive data, including customer data, has been accessed,” the company stressed at the time – a statement it still holds to today, as investigations into the breach continue.

As part of the response, Medibank isolated and removed access to some customer-facing systems “to reduce the likelihood of damage to systems or data loss.”

This type of wording is nearly synonymous with ransomware, yet Medibank stops short of saying exactly what kind of cyber threat it is dealing with.

“As Medibank continues to take decisive action in response to the ongoing cyber incident, temporary disruptions to services may occur,” says an update posted to the cyber-incident page set up to keep customers informed.

No customer data compromised

“While our investigation is continuing, at this stage we have found no evidence that our customer data has been accessed,” Medibank emphasizes. “We remain focused on taking all steps required to contain the incident and ensure the ongoing security of our customers, our people and stakeholder information and the delivery of our services.”

The insurer has already sent around 3.7 million emails to current and former Medibank and ahm customers, as well as text messages to customers who prefer communication by SMS.

The company has notified a plurality of regulators and key stakeholders about the incident, including the Australian Cyber Security Centre, APRA, the Office of the Australian Information Commissioner, Private Health Insurance Ombudsman, the Department of Health and the Department of Home Affairs.

‘We don’t have all the answers yet’

Emily Ritchie, senior executive of External Affairs at Medibank, admits “we don’t have all the answers yet,” adding that the group’s focus right now is to protect both customers and staff from any ripples this incident might cause.

Medibank also says there’s nothing customers need to do at this point. However, if a company you do business with gets breached, it’s always advisable to be wary of any unsolicited communications asking for your personal data, access credentials or financial information.

Bitdefender Identity Theft Protection offers continuous monitoring of your identity, privacy and credit status and displays instant alerts when your personal information is at risk.

tags


Author



Right now

Top posts

How to monitor your online privacy during your Thanksgiving trip

How to monitor your online privacy during your Thanksgiving trip

November 22, 2022

3 min read
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

November 16, 2022

6 min read
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

November 14, 2022

5 min read
August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August 31, 2022

4 min read
Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

August 30, 2022

2 min read
What is medical identity theft and how to protect against it

What is medical identity theft and how to protect against it

July 27, 2022

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

SIM Swapper Involved in $22 Million Crypto Heist Sentenced to 18 Months in Prison SIM Swapper Involved in $22 Million Crypto Heist Sentenced to 18 Months in Prison
Vlad CONSTANTINESCU

December 05, 2022

1 min read
Hive Social Taken Offline as ‘Critical Vulnerabilities’ Could Expose Private Messages, Other Data Hive Social Taken Offline as ‘Critical Vulnerabilities’ Could Expose Private Messages, Other Data
Filip TRUȚĂ

December 05, 2022

1 min read
Malicious Actors Exploit TikTok ‘Invisible Challenge’ to Steal Users’ Info Malicious Actors Exploit TikTok ‘Invisible Challenge’ to Steal Users’ Info
Alina BÎZGĂ

December 02, 2022

2 min read