Australia’s Medibank has revealed a cyber incident wherein a criminal has claimed to have possession of 200GB of the firm’s data.

The criminal is also said to be having a sample of records for as many as 100 policies with details including first names and surnames, addresses, dates of birth, Medicare numbers, policy numbers as well as phone numbers.

According to Medibank, the data may have been stolen from the company’s ahm and international student systems.

Other details accessed by the criminal includes codes linked to customers’ diagnosis and medical procedures. 

The company said the criminal’s claims of having data related to credit card security are yet to be verified.

The update follows Medibank’s earlier statement of receiving messages from a group that seeks to “negotiate with the company regarding alleged removal of customer data”.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

In the previous statement, the company had clarified that its systems had not been affected by ransomware.

In its latest update, the firm said it will start informing the affected customers about the incident, and also offer necessary guidance in this regard. 

Stating that the number of affected customers could be even more, the company said the matter is under probe by the Australian Federal Police.

This apart, Medibank is engaged with cyber security firms, the Australian Cyber Security Centre as well as government stakeholders to address the issue.

Medibank CEO David Koczkar said: “I unreservedly apologise for this crime which has been perpetrated against our customers, our people, and the broader community.

“We will learn from this incident and will share our learnings with others.” Meanwhile, Medibank announced a trading halt to meet its disclosure obligations.