Medibank investigating ransom demand after cyber hack

Health insurer Medibank Private has suffered a “significant cyber security incident” and confirmed it has received messages from a group demanding a ransom for the return of data removed from its servers.


Oct 20, 2022, updated Oct 20, 2022
Photo: AAP/Dan Himbrechts

Photo: AAP/Dan Himbrechts

“This is a new development and Medibank understands this news will cause concerns for customers and the protection of their data remains our priority,” it said in a statement.

“Medibank is working urgently to establish if the claim is true, although based on our ongoing forensic investigation we are treating the matter seriously at this time.”

The federal government has confirmed the incident within Medibank after the health insurer went into a trading halt on receiving messages from alleged data hackers.

Cyber Security Minister Clare O’Neil said her department was working with all relevant agencies across government and the facts were continuing to be established.

“This incident is another reminder for Australian governments, businesses and citizens to be vigilant about their cyber safety,” she said in a statement on Wednesday night.

Ms O’Neil confirmed a “significant cyber security incident” had occurred.

She said support was being provided by the Australian Signals Directorate’s Australian Cyber Security Centre and the Department of Home Affairs and she had spoken with Medibank CEO David Koczkar and Australian Federal Police.

Medibank said protection of customer data remained a priority.

Medibank systems have not been encrypted by ransomware, which means usual activities for customers continues,” their statement said.

“We continue to work with specialised cyber security firms and have advised the Australian Cyber Security Centre.”

Steps to safeguard the network and systems may cause temporary disruptions to services, the insurer warned.

InDaily in your inbox. The best local news every workday at lunch time.
By signing up, you agree to our User Agreement andPrivacy Policy & Cookie Statement. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Mr Koczkar offered an apology acknowledging the news would concern customers.

“Our team has been working around the clock since we first discovered the unusual activity on our systems and we will not stop doing that now,” he said.

Medibank said it held a “range of necessary personal information of customers” as a company providing health insurance and services.


Local News Matters
Copyright © 2024 InDaily.
All rights reserved.