Medibank Goes Offline to Rebuild Cyber Defenses in Wake of October Hack

Medibank, Australia’s largest health insurer, announced a planned outage for the weekend ahead as it recovers from a breach that shook nearly 10 million people with the alarming news that thieves had stolen their personal data.

For now, the firm’s home page still bears the scars of the October attack, with a prominent red banner linking to news of its response and a note vowing to bolster cybersecurity:

“Planned outage this weekend – member services will be offline, and our contact centres and stores will be closed this weekend while we enhance the security of our systems.”

On a separate page, the insurer follows up with details of the aftermath of its massive breach, when hackers made off with the names, dates of birth, addresses, phone numbers and email addresses of around 9.7 million current and former customers and some of their authorized representatives.

“This figure represents around 5.1 million Medibank customers, around 2.8 million ahm customers and around 1.8 million international customers,” the insurer notes.

Medibank and ahm systems will be temporarily offline from 8.30 pm (AEDT) on Friday, December 9, as Medibank undertakes “maintenance to further strengthen our systems and enhance security protections,” according to the latest update.

This planned operation is described as “the next necessary phase” of Medibank’s work to strengthen its safeguards. Online services will be back in operation Sunday, December 11 at the latest, the insurer said. Contact centers and retail stores will reopen on Monday, December 12.

“While there has been no further suspicious activity detected inside our systems since 12 October 2022, as part of the next stage of our work we are undertaking maintenance across some of our systems to further strengthen security,” a spokeswoman for Medibank told channelnews.com.au.

“This follows the recent addition of two-factor authentication in our contact centres to increase the level of security for our customers when they call for support,” the spokeswoman said. “We are also continuing to analyze the information released by the criminal on the dark web.”

Despite the severity of the incident, Medibank is addressing the issue commendably, helping impacted customers with a plethora of anti-fraud services and mental health initiatives, including personal duress alarms for customers particularly vulnerable or with safety risks, as well as hardship support for customers who are in a uniquely vulnerable position as a result of this incident.

Bitdefender Digital Identity Protection constantly scans for leaks of your personal data, scouring the web to see if any of your accounts are exposed, and guides you to take action before it’s too late. Learn more at: https://www.bitdefender.com/solutions/digital-identity-protection.html.