Final voting results following the company’s annual meeting on Wednesday confirmed Dr Batten would retain her seat on the board, despite more than 25 per cent of votes being cast against her re-election, compared to less than 7 per cent opposed to Mr Wilkins’ own re-election.

“I’m disappointed that shareholders have chosen to vote against her (Dr Batten) re-election,” Mr Wilkins told shareholders in Melbourne on Wednesday.

“But I recognise that this is actually sending a message to the board about the cyber crime and we acknowledge and understand that.

“As a board, we’re committed to Medibank’s purpose, and to regaining the trust of our customers, our shareholders and all of our stakeholders. And Tracey remains an integral part of doing that.

“We recognise that sending a message to the board about the cyber event, and we take due note of that and acknowledge it.”

Last year, Russian cyber criminals hacked into Medibank’s customer database of almost 10 million policyholders, and published health records and other sensitive information — such as pregnancy terminations and mental health conditions — on the dark web.

The company, Australia’s biggest health insurer, is now facing several customer and shareholder class actions, and a clean-up bill of about $150m.

Mr Wilkins said the company was continuing to “work collaboratively” with regulators, including APRA, which has imposed an additional capital adequacy requirement of $250m on Medibank from July 1 until it has met key remediation milestones.

“We have done a number of reviews internally about our response,” Mr Wilkins said at Wednesday’s meeting.

“We’ve also looked at what our customer satisfaction metrics are showing to us, and certainly that, combined with our brand reputation metrics, are getting very close to back to where we were pre the cyber event.

“We have continued to invest in uplifting our security, but I should put that against the background that cyber crime and cyber resilience is just an ongoing issue that all of us are facing. We are facing an arms race.”

Medibank expects to spend $30m-$35m on IT security upgrades, legal and regulatory costs in 2023-24, as part of its response to the cyber attack.

On other matters, Mr Wilkins was grilled several times by shareholders over perceptions the company had backed the Yes vote in the lead up to the recent Voice referendum.

However Mr Wilkins stressed that Medibank had not made a financial contribution to either side of the debate, nor had it put its support behind either camp.

“We took steps to ensure that our people were informed about the position of both sides of the debate and able to participate in a respectful discussion,” he said.

“Our role was not about encouraging people to vote a certain way.”

A statement issued by Medibank in July stated that the company had “long supported self-determination for Australia’s First peoples and we support a First Nations Voice to shape decisions that impact the lives of Aboriginal and Torres Strait Islander peoples”.

“Within Medibank, we have seen first-hand the immense value of structures, both within our business and across the health sector, that amplify the voices of Aboriginal and Torres Islander peoples.”

In his address, Medibank chief executive David Koczkar said the company had started to “see softness in some extras claiming” in recent months, although surgical claims had largely rebounded back to pre-Covid levels.

“And while trends in non-surgical claims remain below expectations — some of which is structural, like we’ve seen in rehab — affordability challenges persist,” he said.

“While we continue to see strong growth in the market, we anticipate the operating environment will become more challenging as cost-of-living pressures persist.”

Medibank reaffirmed its 2023-24 guidance, including forecasts for 1.5-2 per cent growth in resident policyholder numbers. Resident policyholders were up 0.3 per cent by the end of October.

“Medibank Health growth momentum is in line with our FY24-26 target,” Mr Koczkar said.

“Our capital position also remains strong and we continue to target $150m to $250m inorganic investment in Medibank Health.”

The company’s shares were trading 2.1 per cent lower on Wednesday at $3.44.

More Coverage

Pay hit: Medibank exec bonuses cut over cyber hack

JARED LYNCH

‘Customers expect more’: Medibank overhauls leadership

JARED LYNCH

Originally published as Medibank chair Mike Wilkins defends company’s response to cyber attack