Medibank suffered a severe cyberattack leading to the leakage of personal data
Australian health insurer Medibank today confirmed that personal data belonging to around 9.7 million of its current and former customers were accessed following a ransomware incident.
According to the company, the attack was detected in its IT network on October 12 in a manner that it said was “consistent with the precursors to a ransomware event,” prompting it to isolate its systems, but not before the attackers exfiltrated the data.
“This figure represents around 5.1 million Medibank customers, around 2.8 million ahm customers, and around 1.8 million international customers,” the Melbourne-based firm noted.
Compromised details include names, dates of birth, addresses, phone numbers, and email addresses, as well as Medicare numbers (but not expiry dates) for ahm customers, and passport numbers (but not expiry dates) and visa details for international student customers.
It further said the incident resulted in the theft of health claims data for about 160,000 Medibank customers, around 300,000 ahm customers, and around 20,000 international customers.
This category comprises service provider name, the locations where customers received certain medical services, and codes associated with diagnosis and procedures that were administered.
“Given the nature of this crime, unfortunately we now believe that all of the customer data accessed could have been taken by the criminal,” the company said, urging customers to be on the alert for any potential leaks.
In a standalone investor statement, the company also said it will not make any ransom payment to the threat actor, stating doing so will only encourage the attacker to extort its customers and make Australia a bigger target.