iscover
ReporterShare this article on:
Powered by
MOMENTUM
MEDIA
Speaking in parliament during question time this week, Cyber Security Minister Clare O’Neil gave a grim warning about the severity of the Medibank cyber attack after the private health insurer revealed all of its customers had been exposed.
Cyber Security Minister Clare O’Neil says the damage from the Medibank cyber attack is “potentially irreparable” after the private health insurer admitted that all personal data from its customers had been accessed by the cyber criminal.
“In a lot of cyber attacks, our big fears are around identity theft ... ultimately something can usually be done to protect consumers. We can replace bank cards.
“When it comes to the personal health information of Australians, the damage here is potentially irreparable.
“Australians who are struggling with mental health conditions, drug and alcohol addiction, with diseases that carry some shame or embarrassment, they are entitled to keep that information private and confidential,” Minister O’Neil said.
Medibank’s update on Tuesday this week was “a distressing development” after Australia’s largest private health insurance company had initially assured the federal government that no sensitive personal information was taken during the cyber attack which was first detected on 12 October.
“It has become clear that the criminal has taken data that now includes Medibank customer data, in addition to that of (health insurance business) ahm and international student customers,” the private health insurer explained in a statement.
It has emerged that as much as 200 gigabytes of data was stolen from its servers, including highly sensitive medical details and diagnoses of customers, and hackers shared another 1,000 ahm customer files, adding to the 100 customers it confirmed last week.
Medibank added that it was “too soon” to know the full extent of customer data stolen, the total number of victims or specifically what information was taken.
“As we continue to investigate the scale of this cyber crime, we expect the number of affected customers to grow as this unfolds,” Medibank stated.
Medibank CEO David Koczkar apologised “unreservedly”, confirming the private health insurer is working with the government and the Australian Federal Police (AFP) in their investigation.
“This is a malicious attack that has been committed by criminals with a view of causing maximum fear and damage, especially to the most vulnerable members of our community,” Koczkar said.
The government is working to protect victims of the attack, Minister O’Neil added, and has been focused on tracking down the perpetrators.
“For a cyber criminal to hang this over the heads of Australians is a dog act.
“It is scum of the Earth, lowest of the low territory.
“The AFP are leading a criminal investigation into the matter,” Minister O’Neil said.
Medibank has confirmed it is suspending premium increases after the attack, which was initially planned for this month, until next year.
“Services Australia and the Department of Health are working to protect the government information that may be exposed here.
“Services Australia has done an immense amount of work to protect their own network which has an interaction with Medibank,” Minister O’Neil added.
“One of the reasons why the government is so worried about this is because of the nature of the data that’s been held here.”
Medibank is the latest high-profile Australian business to be hit by hackers in a major data breach. Millions of Optus customers had their personal information stolen by hackers just last month, when hackers hit the telecommunications provider.
[Related: New federal budget set to bolster nation’s cyber resilience]
Be the first to hear the latest developments in the cyber industry.
