Medibank confirms no customer data removed in attempted ransomware attack

Medibank confirms no customer data removed in attempted ransomware attack

Private health insurer Medibank Group (ASX: MPL) has this morning confirmed no customer data were removed from its network during a data breach last week detected in parts of the company’s IT system.

The company says the ‘unusual activity’ detected last week was consistent with the precursors to a ransomware event, implying the company’s cyber security systems were able to halt something potentially quite damaging to the firm.

Medibank says it will continue to investigate the incident as part of its ongoing forensic analysis, but that normal operations have since resumed.

“When the unusual activity was detected on part of its network, the company took the precautionary action to temporarily block and isolate access to the ahm and international student customer policy management systems while the activity was investigated,” says Medibank.

“This was done out of an abundance of caution, and it enabled Medibank to provide additional protection of customer data on that system.

“The systems were restored on new IT infrastructure and normal activity resumed for ahm and international student business on Friday 14 October 2022.”

The company adds that its systems were not encrypted by ransomeware during the incident and that there is no indication that it was caused by a state-based threat actor.

“We are sorry this incident occurred, and we understand this news may have caused concerns and inconvenience for some of our customers. We took the necessary precautions to protect the data of our customers, people and other stakeholders, and we will continue to do so,” says Medibank CEO David Koczkar.

“I thank our customers for their patience during this incident. We take the protection of our customers’ data very seriously and ongoing investigations continue to show no evidence customer data has been removed from our network. We will provide updates if the situation changes.

“We will also share technical information with peers across the industry as part of our commitment to helping others understand how this incident transpired and to allow our industry peers to bolster their own defences.”

The update comes after Woolworths Group (ASX: WOW) subsidiary MyDeal announced late last week that the personal data of 2.2 million customers has been affected by a cybersecurity breach.

Woolworths, which announced the breach last Friday, says a comprised user credential was used to gain access to its customer relationship management (CRM) system, resulting in the exposure of some data.

This includes customer names, email addresses, phone numbers, delivery addresses and, in some instances, dates of birth. For 1.2 million customers involved in the breach, only their email addresses were exposed.

The e-commerce subsidiary, which was acquired by Woolworths in September, says it has already commenced the process of contacting the 2.2 million affected customers by email, and has also engaged with relevant regulatory authorities and government agencies.

“We apologise for the considerable concern that this will cause our affected customers. We have acted quickly to identify and mitigate unauthorised access and have increased the monitoring of networks,” MyDeal CEO Sean Senvirtne said.

“We will continue to work with relevant authorities as we investigate the incident and we will keep our customers fully informed of any further updates impacting them.”

Help us deliver quality journalism to you.
As a free and independent news site providing daily updates
during a period of unprecedented challenges for businesses everywhere
we call on your support

Business success comes from thinking inside the box for TAXIBOX founder
Partner Content
On a first glance, the world of storage solutions might not seem particularly exciting ...
TAXIBOX
Advertisement

Related Stories

Space beer, crops and embryos: Saber unveils plans for International Space Station mission

Space beer, crops and embryos: Saber unveils plans for International Space Station mission

Australian space engineering company Saber Astronautics has today u...

Will philosophy and ‘counterfactuals’ help us unlock the mysteries of AI?

Will philosophy and ‘counterfactuals’ help us unlock the mysteries of AI?

Artificial intelligence is increasingly being rolled out all around...

ACCC launches probe into misleading social media influencer posts

ACCC launches probe into misleading social media influencer posts

Australia's consumer watchdog is cracking down on social media ...

Takeover talks reignited between Tyro and Potentia Capital

Takeover talks reignited between Tyro and Potentia Capital

Talks of a potential takeover are back on between Sydney-based Tyro...