Medibank reveals damning extent of hack that could cost $35 million

The company disclosed that the attackers also had access to all of its circa 3.9 million customers' records, equivalent to 15% of the nation’s population

Australian private health insurance provider Medibank has revealed that the cyber attack that hit the company earlier in October could set the company back by $35 million AUD (£19.5 million), at a time when the government has declared its rules around data breaches 'inadequate'.

Based on its current actions in response to the hack, and noting that it doesn’t have cyber insurance, the company estimates it will incur costs of around $25-$35 million, which will impact its earnings. The costs do not include further potential customer and other remediations, regulatory, or litigation-related costs.

Hackers attacked Medibank earlier this month and said they would release a trove of stolen company data unless a ransom was paid.

The company originally believed that no customer data had been accessed during the attack, but said last week the hackers were willing to negotiate over the return of the stolen data. Medibank was working to urgently establish if the claim was true.

This comes at a time when the Australian government has described its current rules around data breaches as 'inadequate' and plans to raise the maximum penalty handed out to companies who suffer data breaches from $2.22 million (£1.2 million) to $50 million (£27 million).

It is unclear which figure will be applied to Medibank, as the hack took place before the new rules have come into force.

Medibank also disclosed today that the attacker had access to all of the company’s customer data, some 3.9 million records, which is equivalent to around 15% of the population of Australia.

The company added that the criminal has removed some of its customers’ personal and health claims data and it is now likely the attacker has stolen further personal and health claims data too. As a result, Medibank believes the number of affected customers could grow "substantially".

“Our investigation has now established that this criminal has accessed all our private health insurance customers' personal data and significant amounts of their health claims data,” said David Koczkar, CEO at Medibank. 

“As we’ve continued to say, we believe that the scale of stolen customer data will be greater and we expect that the number of affected customers could grow substantially,” he added. “I apologise unreservedly to our customers. This is a terrible crime – this is a crime designed to cause maximum harm to the most vulnerable members of our community.”

The company will continue to work to understand the specific data that has been taken for each customer so it can contact them directly to let them know, it stated. It has also announced a support package for customers who are in a vulnerable position because of the crime. 

This includes access to a mental health and wellbeing support line for all customers, access to specialist identity protection advice and resources, and free identity monitoring services. It will also provide reimbursement of fees for the re-issue of identity documents that have been fully compromised in the crime.

The company reiterated that its IT systems haven’t been encrypted by ransomware and normal business operations have been maintained with customers continuing to access health services.

Medibank also said it is prioritising preventing further unauthorised entry to its IT network and is continuing to monitor for any further suspicious activity. This includes bolstering existing monitoring, adding further detection and forensics capability across Medibank’s systems and network and scaling up analytical support via specialist third parties.

The cyber attack is subject to a criminal investigation by the Australian Federal Police (AFP) and Medibank is working with the police as well as the Australian Cyber Security Centre (ACSC) and government stakeholders.
