Medibank and ahm customers are being urged to be on alert

Australians trusted the company with their most sensitive data. Here’s what you can do if you’re a Medibank or ahm customer.

David Swan

@swan_legend

2 min read

October 26, 2022 - 11:34AM

The Australian Business Network

Medibank says it “will never contact customers requesting passwords or other sensitive information”.

Business

Don't miss out on the headlines from Business. Followed categories will be added to My News.

A hacker has made away with the personal health information and identity numbers of all of Medibank’s nearly 4 million customers, an attack that is expected to cost the health insurer between $25m and $35m and cause significant stress and inconvenience to millions of Australians who trusted the company with their most sensitive data.

So what can you do if you’re a Medibank or ahm customer?

Aside from relying on support from Medibank and the government there are four basic steps that customers can take to try and stay and safe online as possible.

Steps to take

Enable multi-factor authentication across your email, bank and social media accounts to make it impossible for a hacker to log in with just your password. Multi-factor authentication means a hacker might steal your PIN or password, but they will still need another proof of identity to gain access to your accounts.

Regularly check transactions across your bank accounts and keep an eye on your credit score for any unusual activity

Never disclose your personal or banking information over the phone or online unless you can verify the legitimacy of the request

Avoid clicking any suspicious links or attachments or emails.

Find out what was accessed

The company says it is directly contacting customers whose details were caught up in the breach, sending emails or text messages. It‘s currently unclear to what extent past customers are affected.

It’s urging customers to “remain vigilant” and seek advice from trusted sources.

Call for help

If you are concerned that your data may have been caught up in the cyber attack, you can contact Medibank on 13 23 31, or ahm on 13 42 46.

The company says it has increased its call centre staffing numbers to respond to customer inquiries.

If you have been impacted, you can contact IDCARE on 1800 595 160 to limit the damage of identity theft. Then alert your bank.

Medibank in Bourke Street, Melbourne. Picture: NCA NewsWire / Paul Jeffers

Don’t open suspicious emails

Medibank says it “will never contact customers requesting passwords or other sensitive information.”

It said on Wednesday it is offering a “hardship package to provide financial support for customers who are in a uniquely vulnerable position as a result of this crime, who will be supported on an individual basis,” as well as access to Medibank’s mental health and wellbeing support line for all customers, including ahm customers.

Data of all Medibank customers comprised in cyber-attack

Specialist services

The company is also providing access to specialist identity protection advice and resources from IDCARE, free identity monitoring services for customers who have had their primary ID compromised, and reimbursement of fees for reissue of identity documents that have been fully compromised.

If your Medicare card number has been exposed and you are concerned, you can replace your Medicare card for free. You can do this using your Medicare online account through myGov, the Express Plus Medicare mobile app, or calling Medicare.

Services Australia has also put in place additional security measures to protect customer information.

If you believe there has been unauthorised activity in your Medicare account, you can call the Services Australia Scams and Identity Theft Help Desk, who can help secure your account if it’s been compromised, on 1800 941 126.