Medibank systems back online after cyber attack, will share ‘technical information’ with rivals
The major health insurer says a full forensic probe will ‘take some time’, but insists customer services are restored and data safe following Thursday’s cyber attack.
Business
Don't miss out on the headlines from Business. Followed categories will be added to My News.
Australia’s biggest health insurer, Medibank, has told its customers it does not have “all the answers yet” after it detected “unusual activity” that crashed its network this week and engages cyber security experts to complete a forensic investigation.
The company has restored access to its AHM and international student policy systems, which were taken offline on Thursday after the attack.
In a letter to customers, chief executive David Koczkar said there was “no evidence that any customer data has been accessed”, unlike the Optus hack, which stole the personal details of 10 million Australians.
Mr Koczkar said Medibank had engaged external cyber security experts to assist with an investigation and was in “frequent contact” with the Australian Cyber Security Centre, the prudential regulator and other government departments.
Medibank will also share technical information with rival health funds to “help others understand how this incident transpired and to allow our industry peers to bolster their own defences.”
“You may have heard that Medibank has detected unusual activity on our IT network. I’m sorry this has occurred,” Mr Koczkar said in the letter to customers.
“We are working around the clock to resolve this incident and will continue to provide updates as we learn more.
“At this stage, there is no evidence that any customer data has been accessed. We don’t have all the answers yet, but our highest priority is protecting Medibank group customers and our people.”
The ASX-listed insurer said the “cyber incident” had taken down several systems – causing significant disruption to some customers – but added that there was no evidence that sensitive data, including personal information, had been accessed.
Medibank disclosed the attack on Thursday morning, and placed its shares in trading halt. Its AHM and international student policy systems were taken offline to reduce the likelihood of data loss.
On Friday morning, the company confirmed it had restored access to its AHM and international student policy systems.
“We have made good progress with our systems overnight,” Mr Koczkar said.
“Pleasingly, this means that our ahm and international student customers who have been impacted are now able to resume their normal activities.
“As we continue to take decisive action to safeguard our networks and systems, we will take any steps necessary to protect the data of our customers, people and other stakeholders. We will keep everyone updated as we learn more in the coming days.”
Mr Koczkar also warned customers to be vigilant of their behaviour online.
“As always, Medibank will never contact you requesting your passwords or other sensitive information.”
Medibank disclosed the attack on Thursday morning, and placed its shares in trading halt.
Mr Koczkar said: “Our highest priority is resolving this matter as transparently and quickly as possible.”
It comes after senior government figures accused Optus of being uncooperative last month after nearly 10 million customers’ private details, including Medicare and passport data, were stolen during a cyber attack on the telco.
The Office of the Australian Information Commissioner and Australian Communications and Media Authority are reviewing why Optus had kept such extensive data on its customers.
Serious or repeated breaches could result in the OAIC seeking Federal Court penalties of up to $2.2m for each contravention.
Australian Information Commissioner and Privacy Commissioner Angelene Falk said the Optus breach was a “significant incident that is of great concern to millions of Australians”.
“All organisations need to assess the risk a data breach poses to compromising their own customers’ data and ensure additional safeguards are in place,” Ms Falk said.
“Organisations should also make sure that they are only gathering personal information that is necessary to carry out their business. When that information is no longer required, they must take reasonable steps to destroy or de-identify the personal information they hold. Collecting and storing unnecessary information breaches privacy and creates risk.
“And when any organisation experiences a data breach that is likely to result in serious harm, they must be as clear and timely as possible about what kind of personal information is involved. This allows individuals to take steps to reduce their risk. It also enables organisations across the economy to put in place more targeted security controls.”
More Coverage
Originally published as Medibank systems back online after cyber attack, will share ‘technical information’ with rivals
Virgin to trial pets on busiest route — but it won’t be cheap
Only dogs and cats of a certain size will be allowed as Virgin Australia eyes Australia’s busiest route for the staged introduction of its new pets in the cabin policy.
Troubled Fletcher weighs its options
Under-pressure Fletcher Building is actively weighing options including tapping investors for capital and divesting its residential and development unit, sources say.
Remote diagnostic imaging ramped up in regional communities
A pilot this year trialling technology that links an MRI machine in a regional or remote area to a ‘cockpit’ location some distance away is bringing faster diagnostic imaging to isolated areas.
Olivia Wirth’s Myer revival hinges on it all coming together
The former Qantas executive has moved at lightning speed in her first 100 days in charge of the retailer. This is where she wants to take it.
Airlines spruce up premium cabins as demand for luxury takes off
Australian travellers’ enthusiasm for premium cabins has caught the attention of international airlines, who are now racing to upgrade their products on down under routes.
ABC ignored ‘doctored’ audio concerns
ABC boss David Anderson admits the broadcaster's legal team ignored a letter raising concerns over audio depicting an Australian soldier shooting at unarmed civilians in Afghanistan.