Medibank

2022 - 10 - 20

Medibank cyber attack Medibank cyber attack

Post cover
Image courtesy of "The Singleton Argus"

'Dog act' Medibank hack details revealed (The Singleton Argus)

Medibank's hackers are threatening to release stolen personal health information, and Cyber Security Minister Clare O'Neil says that's...

"This is the new world that we live in. "We will learn from this incident and will share our learnings with others ... "Financial crime is a terrible thing, but ultimately a credit card can be replaced ... "We need to do a lot better as a country to make sure that we are doing everything we can within organisations to protect customer data and also for citizens to be doing everything they can." "The toughest and smartest people in the Australian government are working directly with Medibank to try to ensure this horrendous criminal act does not turn into what could be irreparable harm." Ms O'Neil said the hackers were trying to negotiate with Medibank while holding the information hostage.

Post cover
Image courtesy of "Blue Mountains Gazette"

Medibank hack: Personal data stolen in new cyber attack (Blue Mountains Gazette)

Personal details of Medibank customers have been stolen in a cyber attack. Names, addresses, date of birth, Medicare numbers and phone numbers, are among the sensitive information that has been taken, Medibank confirmed on Thursday. Advertisement.

I unreservedly apologise for this crime which has been perpetrated against our customers, our people, and the broader community.- Medibank CEO David Koczkar "I unreservedly apologise for this crime which has been perpetrated against our customers, our people, and the broader community," Medibank CEO David Koczkar said. There's a million tales to tell and I'm enjoying bringing them to you. "The criminal claims to have stolen other information, including data related to credit card security, which has not yet been verified by our investigations," Medibank said. "Medibank has been contacted by a criminal claiming to have stolen 200GB of data," the company said in a statement. "The criminal [group] has provided a sample of records for 100 policies, which we believe has come from our ahm [health insurance] and international student systems."

Post cover
Image courtesy of "SBS"

'We're sorry': Medibank launches investigation as government ... (SBS)

Medibank says it has received messages from a group that allegedly removed customer data in a cyber hacking incident.

"We continue to work with specialised cyber security firms and have advised the Australian Cyber Security Centre." Ms O'Neil said the situation was concerning and that agencies were working to stop the data from being released on the internet. Ms O'Neil confirmed a "significant cyber security incident" had occurred and said her department was working with all relevant agencies across government and the facts were continuing to be established.

Post cover
Image courtesy of "The Guardian"

Clare O'Neil warns of new world of 'relentless' cyber-attacks after ... (The Guardian)

Private health insurer Medibank has entered a trading halt after telling customers it had received messages from a group claiming to have accessed the data of ...

“We are going to be under relentless cyber-attack, essentially from here on in. The company said that based on its “ongoing forensic investigation we are treating the matter seriously at this time”. [reported](https://www.smh.com.au/technology/medibank-hackers-threaten-to-release-stolen-health-data-in-ransom-demand-20221019-p5br2s.html) that it had seen messages from the hacking group, which claimed it had stolen 200 gigabytes of sensitive information from Medibank, and had threatened to contact its 1,000 “most prominent customers” using their own personal information as a “warning shot”. And what it means is that we need to do a lot better as a country to make sure that we are doing everything we can within organisations to protect customer data, and also for citizens to be doing everything that they can.” In a statement to the Australian stock exchange on Wednesday, the company said it had received messages from a group that wished to negotiate regarding the alleged removal of customer data. Private health insurer Medibank has entered a trading halt after telling customers it had received messages from a group claiming to have accessed the data of its customers in a cyber-attack.

Post cover
Image courtesy of "ABC News"

Medibank cyber attack and ransom demand referred to Australian ... (ABC News)

Cyber Security Minister Clare O'Neil says a ransomware attack on Medibank and the alleged removal of customer data has been referred to the Australian ...

"What we have here is … "We are going to be under relentless cyber attack essentially from here on in and what it means is that we need to do a lot better as a country to make sure that we are doing everything we can within organisations to protect customer data. Cyber Security Minister Clare O'Neil says a ransomware attack on Medibank and the alleged removal of customer data has been referred to the Australian Federal Police for investigation.

Post cover
Image courtesy of "The Singleton Argus"

Cyber security warning after Medibank hack (The Singleton Argus)

Following a hacking incident at Medibank, Cyber Security Minister Clare O'Neil says Australian companies must do more to...

"We continue to work with specialised cyber security firms and have advised the Australian Cyber Security Centre." "This is the new world that we live in, we are going to be under relentless cyber attack essentially from here on in," the minister told ABC Radio on Thursday. Ms O'Neil said the situation was concerning and that agencies were working to stop the data from being released on the internet.

Post cover
Image courtesy of "The Australian Financial Review"

Medibank hack: Home Affairs Minister Clare O'Neil responds to ... (The Australian Financial Review)

Australians have been warned to protect themselves against cyber threats, but the insurer remains tight-lipped about what information might have been ...

Telco giant Optus immediately revealed the extent to which its customers might have been affected. Medibank has not denied this, but also did not share this crucial information with customers or the market. Ms O’Neil said she had spoken with Medibank chief executive David Koczkar and said “the facts are continuing to be established”. But it said it still did not know if the hackers posed a genuine threat. Connect with Paul on [[email protected]](mailto:[email protected]) On Wednesday night, the company admitted it had been asked for a ransom.

Post cover
Image courtesy of "Cyber Security Hub"

Medibank is latest Australian company to suffer cyber security ... (Cyber Security Hub)

Australian insurance company Medibank has made a public statement after being contacted by a malicious party claiming to have customer data and wanting a ...

[attempted ransom](https://www.cshub.com/attacks/news/iotw-everything-we-know-about-the-optus-data-breach) and to ensure it meets its continuous disclosure obligations, Medibank has called a trading halt which will continue until further notice. [malicious party](https://www.cshub.com/attacks/news/iotw-hacker-allegedly-hits-both-uber-and-rockstar), who aimed to “negotiate with the company regarding their alleged removal of customer data”. [The Sydney Morning Herald](https://www.smh.com.au/technology/medibank-hackers-threaten-to-release-stolen-health-data-in-ransom-demand-20221019-p5br2s.html?_ga=2.215939153.717096305.1666171771-389145608.1664464249), who claim to have seen the ransom note, the malicious party are threatening to sell 200GB worth of confidential data if their demands are not met. We have always said that we will prioritize responding to this matter as transparently as possible. After dealing with the cyber-attack, Medibank said in a [statement about the October 13 breach](https://www.medibank.com.au/livebetter/newsroom/post/cyber-incident-update) that there was “no evidence that customer data has been accessed” during the breach. The insurer said it is working to verify these claims, and based on its “ongoing forensic investigation” it is treating the potential cyber security incident “seriously”.

Post cover
Image courtesy of "ABC News"

What do we know about the Medibank cyber attack? And what ... (ABC News)

Health insurance provider Medibank is the latest Australian organisation to be hit by a cyber attack. The company, which has more than 3.7 million customers ...

Ms O'Neil described the attack as a "significant cybersecurity incident" and "the facts are continuing to be established". - Cyber Security Minister Clare O'Neil says the attack has been referred to the Australian Federal Police Health insurance provider Medibank is the latest Australian organisation to be hit by a cyber attack.

Post cover
Image courtesy of "ABC News"

Medibank admits personal data stolen in cyber attack (ABC News)

The private health insurance company admits that the personal data of some of its customers — including names, addresses — Medicare numbers and phone ...

Do it regularly," Mr Dutton said. Medibank said it understood the development was upsetting and that it expected the number of affected customers to grow as the incident continued. In a statement, the company said the criminal group allegedly responsible had claimed that 200 gigabytes of data had been stolen and that it would be reaching out to affected customers to let them know and what to do next.

Post cover
Image courtesy of "The Australian Financial Review"

Medibank hack: Ransomware response is a lesson in what not to do (The Australian Financial Review)

In sharp contrast to Kelly Bayer Rosmarin at Optus, Medibank Private's CEO David Koczkar looks to have prioritised the protection of the company's brand ...

O’Neil said she had spoken with Koczkar and said “the facts are continuing to be established”. He says Medibank’s handling of the attack compares poorly with the Optus response. [Tony Boyd](/by/tony-boyd-j67sj)is the Chanticleer columnist. One wonders if Koczkar was trying to reduce the amount of phone calls from concerned customers to its call centres. About 500 business owners, partners, directors and C-Suite leaders across Australian businesses with 50 or more employees were surveyed. Connect with Tony on [[email protected]](mailto:[email protected]) On Wednesday night she confirmed a “significant cybersecurity incident has occurred within Medibank”. Nothing to See Here”. The situation deteriorated on Thursday when the company issued a statement saying Medibank had “received messages from a group that wishes to negotiate with the company regarding their alleged removal of customer data”. The statement about lack of evidence of loss of customer information was soon found to be a grievous mistake. This was an attempt to play down the severity of the attack and calm the waters. The stark contrast between Medibank Private’s response to a ransomware attack and Optus’ response to its cyberattack carries lessons for boards and CEOs at a time of escalating infiltration of corporate computer systems.

Post cover
Image courtesy of "Blue Mountains Gazette"

Medibank hack: Personal data stolen in new cyber attack (Blue Mountains Gazette)

Policy numbers and some claims data was also taken by hackers during the breach. "The criminal claims to have stolen other information, including data related ...

I unreservedly apologise for this crime which has been perpetrated against our customers, our people, and the broader community.- Medibank CEO David Koczkar "I unreservedly apologise for this crime which has been perpetrated against our customers, our people, and the broader community," Medibank CEO David Koczkar said. There's a million tales to tell and I'm enjoying bringing them to you. "The criminal claims to have stolen other information, including data related to credit card security, which has not yet been verified by our investigations," Medibank said. "Medibank has been contacted by a criminal claiming to have stolen 200GB of data," the company said in a statement. "The criminal [group] has provided a sample of records for 100 policies, which we believe has come from our ahm [health insurance] and international student systems."

Post cover
Image courtesy of "The Guardian"

Medibank says sample of stolen customer data includes details of ... (The Guardian)

Cybercriminals claim to have stolen 200 gigabytes of customer data from Medibank, which the insurer says may include personal details such as medical ...

In an email to customers overnight, the company said its systems remained online but that “our ongoing response to safeguard our networks and systems may require necessary temporary disruptions to our services”. “We are going to be under relentless cyber-attack, essentially from here on in. Medibank believes the data came from one of its insurance products, called ahm, and international student systems. It’s understood Medibank legitimately believed at the time no records had been compromised. That sample, of 100 policies, is believed to be legitimate. It did not immediately detail how many customers would be affected, or what data was potentially exposed.

Post cover
Image courtesy of "7NEWS.com.au"

Medibank hackers say they have millions of Aussies' data. Here's ... (7NEWS.com.au)

Names, addresses and phone numbers are among the private data stolen by cyber criminals. Officials say more hacks are to come.

“The reason that I am so concerned about this ... “This is the new world that we live in. “Financial crime is a terrible thing, but ultimately a credit card can be replaced … “We need to do a lot better as a country to make sure that we are doing everything we can within organisations to protect customer data and also for citizens to be doing everything they can.” “The toughest and smartest people in the Australian government are working directly with Medibank to try to ensure this horrendous criminal act does not turn into what could be irreparable harm.” “Medibank is in discussions with government stakeholders about what else we can do to assist our customers in safeguarding their identities and health information, and we will be in touch with customers about those steps directly,” it said.

Post cover
Image courtesy of "SBS"

Medibank has suffered a 'significant cyber security incident'. Here's ... (SBS)

The hacker who claims to be behind what has been labelled a "significant cyber security incident" at Medibank has sent the private health insurer details of ...

"You can't use it necessarily to open a bank account in someone's name," Dr Murray told SBS News. which does present a financial risk." "Financial crime is a terrible thing, but ultimately a credit card can be replaced ... That included 100 policies that the private health insurer believes comes from ahm (a Medibank subsidiary) and international student systems. "That does tell us these hackers do seem to have real data. Medibank — a multibillion-dollar business with more than 3.9 million customers — revealed last week that it had detected "unusual activity" on its network. There was "no evidence" customer data had been stolen. Ms O'Neil, who had labelled the attack a "significant cyber security incident", said the alleged hackers were trying to negotiate with Medibank while holding the information hostage. Cyber Security Minister Clare O'Neil said the situation was concerning and that agencies were working to stop the data from being released on the internet. Earlier, Medibank said it was "working urgently" to verify the authenticity of the hackers' claims. On Wednesday, Medibank said it had been contacted by the hacker who wanted to negotiate over the data they claim to have stolen. "This claims data includes the location of where a customer received medical services, and codes relating to their diagnosis and procedure," Medibank said in a statement.

Post cover
Image courtesy of "Motley Fool Australia"

Medibank shares remain in limbo after customer data hack confirmed (Motley Fool Australia)

The Medibank Private Ltd (ASX:MPL) shares will remain halted after revealing that 200GB of customer data may have been taken by hackers...

Medibank will remain open and transparent and will continue to provide comprehensive updates as often as we can and need to. As proof, the group has provided a sample of the data to Medibank. I unreservedly apologise for this crime which has been perpetrated against our customers, our people, and the broader community. At the time it didn’t believe that customer data had been taken from its systems. The latter includes the location of where a customer received medical services, and codes relating to their diagnosis and procedures. This afternoon, Medibank revealed that this group has claimed to have taken 200GB of customer data from its systems.

Post cover
Image courtesy of "Blue Mountains Gazette"

The Informer: Hackers target Medibank customers in new data breach (Blue Mountains Gazette)

Names, addresses, date of birth, Medicare numbers and phone numbers have been hacked.

Hannah started as a journalist with The Southern Highland News and The Goulburn Post before moving to the ACT. She is currently covering the early breaking news shift and is ready to chase your morning headlines. Hannah is a general reporter with The Canberra Times. THE NEWS YOU NEED TO KNOW: Additionally, the company's futuristic Cybertruck, once promised to "serve briefly as a boat," is expected go into production next year. Thanks to rounding, the 3.54 per cent read in September remained the same as the 3.48 per cent figure in August.

Post cover
Image courtesy of "The Australian Financial Review"

Medibank cyber attack: Privacy breach fines will be the least of ... (The Australian Financial Review)

Australia has tough laws governing breaches of health data privacy, but they don't appear to apply in the Medibank data breach.

[Medibank reported revenue of $7.12 billion,](https://www.afr.com/companies/healthcare-and-fitness/medibank-profit-down-10-pc-on-investments-insurance-revenue-up-20220818-p5barn) meaning it could have faced fines as high as $712 million for its data breach, if it had happened under the proposed privacy regime. Connect with John on [[email protected]](mailto:[email protected]) Companies that have suffered recent data breaches, such as Optus and Medibank, “will be much more worried about having to pay compensation to affected individuals, as well as the loss of reputation and the loss of customers and shareholder value”, Johnston told The Australian Financial Review. Ahm is Medibank’s low-cost insurance brand. Crucially, that claims data “includes the location of where a customer received medical services, and codes relating to their diagnosis and procedures”, Medibank said in a statement to the ASX. Medibank Private executives will likely avoid prison sentences and the company will only face fines of “virtually nothing” following a data breach that exposed the ultra-sensitive health records of some of its customers, a data privacy expert said.

Explore the last week