UPDATE: Medibank confirms – Hacker is real, they have your data

Following this mornings word from Medibank that they are now dealing with a ransom demand, the company has issued a statement to the ASX which confirms the criminal does have legitimate client records of medibank customers.

Having placed their shares in a trading halt this morning, Medibank’s update to the market is also a precursor to a likely outreach to customers in line with their previous communications which have been consistent and transparent.

Unfortunately, Medibank (and AHM) had been almost clear with customers that their data was not affected. Turns out, it likely is.

To what scale or extent is still unknown, but the hacker claims to have 200GB of data, which would amount to a massive amount of customer information.

Medibank has shared the following:

  • Medibank has been contacted by a criminal claiming to have stolen 200GB of data.
  • The criminal has provided a sample of records for 100 policies which we believe has come from our
    ahm and international student systems.
  • That data includes first names and surnames, addresses, dates of birth, Medicare numbers, policy
    numbers, phone numbers and some claims data.
  • This claims data includes the location of where a customer received medical services, and codes
    relating to their diagnosis and procedures
  • The criminal claims to have stolen other information, including data related to credit card security,
    which has not yet been verified by our investigations.

Medibank CEO David Koczkar says “I unreservedly apologise for this crime which has been perpetrated against our customers, our people, and
the broader community.

“I know that many will be disappointed with Medibank and I acknowledge that disappointment. This cybercrime is now the subject of an investigation by the Australian Federal Police.

“We will learn from this incident and will share our learnings with others”.

“Medibank will remain open and transparent and will continue to provide comprehensive updates as often as we can and need to.”

Unfortunately for customers, at this time, there isn’t much you can do.

Key to your actions going forward is vigilance, keep an eye out for any suspicious emails, especially ones claiming to know about your personal health, medication or treatment.

That includes emails from your doctor or clinics, as scammers will use whatever info they have to try and trick you.

If it looks legit, call the company, or visit their website directly without clinking any email links.

Recent Posts

  • Tech

Samsung Galaxy Unpacked announced for July 22 – new foldables and wearables incoming

Samsung have announced their next hotly anticipated Galaxy Unpacked event will take place in London…

1 hour ago
  • Tech

Telstra Network down – Users experiencing issues across Telstra and Sub-brands Boost and Belong

Some Aussies are waking up this morning to zero bars of coverage on the Telstra…

4 hours ago
  • Tech

Nothing Ear (3a) Review: Vibrant Colors Meet Innovative On-Board Recording

Alongside the all-new Phone (4b), Nothing have also launched their latest pair of earbuds with…

14 hours ago
  • Tech

Nothing Phone (4b) Review: All-day power on a budget

Tech company Nothing has already unveiled their Phone 4a series this year, with the very…

15 hours ago
  • Lifestyle

The changeover of financial years can be a stressful time – Scammers know that

It's that time of year where its out with the old and in with the…

16 hours ago
  • Tech

The EFTM podcast – Talking TVs with Hisense and giving to Margaret for her nursing home songs!

This week we reconnect with Margaret who has been writing songs for Nursing home residents…

21 hours ago