Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Australian Health Insurer Medibank Admits Customer Data Stolen in Ransomware Attack

Australian health insurer Medibank has started informing customers that their personal information was potentially compromised during a recent cyberattack.

Australian health insurer Medibank has started informing customers that their personal information was potentially compromised during a recent cyberattack.

The incident was initially identified on October 12 and was deemed as being “consistent with the precursors to a ransomware event”, resulting in certain systems being taken offline for containment purposes. Medibank said its systems were not encrypted by ransomware during the incident.

At first, the company said that it found no evidence that any customer data might have been exfiltrated from its network, but that changed after a threat actor contacted Medibank, claiming that they had stolen roughly 200 gigabytes of data during the cyberattack.

“Medibank has been contacted by a criminal claiming to have stolen 200GB of data. The criminal has provided a sample of records for 100 policies which we believe has come from our ahm and international student systems,” the company announced on Thursday.

The exfiltrated personal information includes full names, addresses, birth dates, phone numbers, medicare and policy numbers, and claims data (such as the location where the customer received medical services).

The attacker also claims to have stolen credit card security information, as well as other types of data, but Medibank says it has not been able to verify the claim yet.

Medibank says it is working on identifying what other types of customer data might have been impacted. The health insurer has more than 3.9 million customers.

“We are making direct contact with the affected customers to inform them of this latest development, and to provide support and guidance on what to do next. We expect the number of affected customers to grow as the incident continues,” the company says.

Advertisement. Scroll to continue reading.

The company says it has identified and contained the attack before ransomware was deployed on its network and that it has now fully restored the services that were impacted in the incident. However, Medibank also announced a trading halt on its shares.

Related: Australian Health Insurer Medibank Targeted in Cyberattack

Related: New York Emergency Services Provider Says Patient Data Stolen in Ransomware Attack

Related: OneTouchPoint Discloses Data Breach Impacting Over 30 Healthcare Firms

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join SecurityWeek and Hitachi Vantara for this this webinar to gain valuable insights and actionable steps to enhance your organization's data security and resilience.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Defense contractor Nightwing has appointed Tricia Fitzmaurice as Chief Growth Officer.

Xage Security has appointed Russell McGuire as CRO and Ashraf Daqqa as VP of the META region.

Mario Duarte, formerly head of security at Snowflake, has joined Aembit as CISO.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.