Medibank Private Ltd (ASX:MPL) has confirmed that the personal data of some of its customers has been compromised after fresh ransom demands from the hacker showing strong evidence of the exploit.
The health insurer believes that the hack exposed its Australian health management (ahm) and international student systems, compromising the critical personal and health data of its customers.
The alleged hacker claims to have 200 gigabytes of customer data, which they are threatening to sell to a third party if demands are not met.
The compromised data includes:
- First names and surnames;
- addresses;
- dates of birth;
- Medicare numbers;
- policy numbers;
- phone numbers; and
- some claims data, including the location of where a customer received medical services and codes relating to their diagnoses and procedures.
Medibank first reported the cyber-attack last Wednesday, however, the company resumed “normal operations” on Monday after their investigations showed no evidence of customer data breach.
However, fresh ransom demands with strong proof have opened a new ‘can of worms’ for the company which thought it had the breach under control.
Medibank has placed its shares in a trading halt again until further notice.
A trading halt in Medibank shares will continue until further noticehttps://t.co/HsWSqIC1c9— Medibank (@medibank) October 20, 2022
CEO apologises
Apologising to customers, Medibank CEO David Koczkar said: “We have always said that we will prioritise responding to this matter as transparently as possible.
“Our team has been working around the clock since we first discovered the unusual activity on our systems and we will not stop doing that now.
"We will continue to take decisive action to protect Medibank customers, our people and other stakeholders."
Medibank CEO David Koczkar said:“I unreservedly apologise for this crime which has been perpetrated against our customers, our people, and the broader community.
“I know that many will be disappointed with Medibank and I acknowledge that disappointment.
— Medibank (@medibank) October 20, 2022
What now?
Medibank urges customers to remain vigilant and encourages them to seek independent advice from trusted sources, including the Australian Cyber Security Centre.
The company is making direct contact with customers to inform them of this latest development, and to provide support and guidance on what to do next.
Medibank has stressed that it will never request passwords or sensitive information from its customers.
Australian Federal Police has begun investigations while the company has also engaged cyber-security experts and forensic investigators to look into the matter.
Australian cyber security minister ClareO'Neil said while the "very best people" were working on the matter, it was another reminder that cybercrime was fast becoming one of the biggest crime threats globally.
"This is the new world that we live in," she said.
"We are going to be under relentless cyber-attack essentially from here on in and what it means is that we need to do a lot better as a country to make sure that we are doing everything we can within organisations to protect customer data.
"I think combined with Optus, this is a huge wake-up call for the country and certainly gives the government a really clear mandate to do some things that frankly probably should have been done five years ago, but I think are still very crucially important."
An update on the cyber incident on Medibank.While facts are still being established, Medibank has been working closely with the @asdgovau and the @ausfedpolice to try and manage the situation and protect customers’ data. pic.twitter.com/gGSUirhg5T
— Clare O'Neil MP (@ClareONeilMP) October 20, 2022