Medibank cyber attack: 5 steps you can take to protect yourself (UPDATED)
Personal health information, including Medicare numbers and procedure details, may have been compromised.
Update 1 December
Hackers behind Medibank's cyber-attack have posted stolen more Medibank customer data on the dark web.
The latest release included a file with multiple compressed files adding up to more than 5GB, The Guardian reports.
Medibank said it is analysing the data but it "appears to be the data we believed the criminal stole". The health insurer added:
"While our investigation continues there are currently no signs that financial or banking data has been taken. And the personal data stolen, in itself, is not sufficient to enable identify and financial fraud. The raw data we have analysed today so far is incomplete and hard to understand."
Below we share expert tips on how you can protect your identity online.
Health insurer Medibank, which has 3.9 million customers, has confirmed the hacker involved in its recent cyber attack has provided the company with a sample of 100 records, which the insurer believes are from its systems.
The criminal claims to have stolen 200GB of data and has sent a ransom note to the company, threatening to leak sensitive customer information.
When Medibank first confirmed it was hit by the attack, the insurer said there was no evidence that sensitive data had been accessed.
But that has now changed.
Federal minister for cyber security Clare O'Neil confirmed the data shown as a sample is Medibank customer information.
The minister said the attack has been referred to the Australian Federal Police (AFP).
Speaking at a press conference, O'Neil said: "The threat being made here, to make the private and personal health information of Australians available to the public, is a dog act."
Medibank said in a statement: "We believe [the data] has come from our ahm and international student systems."
What personal details may have been exposed from Medibank?
Here is the personal information that might have been exposed, according to Medibank:
- Customer names
- Dates of birth
- Medicare numbers
- Insurance policy numbers
- Phone numbers
- Some claims data
The claims data may include the location of where customers received medical services and codes relating to their diagnosis and procedures.
Medibank said the hacker claims to have stolen other information, including data related to credit card security. Medibank added this has not yet been verified by its investigations.
The health insurer said its investigation had found that all Medibank, ahm and international student customers' personal data had been accessed. This includes significant amounts of claims data.
I'm a Medibank or ahm customer: What can I do?
Medibank is directly contacting the customers whose details were included in the known breached records. It has been sending emails or texts to its other customers about the breach.
If you're a concerned Medibank or ahm customer, you can contact the company by phone.
ahm customers can call 13 42 46. Medibank customers can call 13 23 31.
Medibank has increased call centre staff numbers to respond to customer concerns.
You can also visit Medibank's website for any further updates on this story.
Medibank said it had set up specialised teams to help its customers who receive scam threats.
The insurer is deferring its annual premium increases until January 2023.
Steps to protect your identity online
In a website statement, Medibank said customers should "remain vigilant" and seek independent advice from trusted sources, including the Australian Cyber Security Centre at cyber.gov.au.
Medibank confirmed it "will never contact customers requesting passwords or other sensitive information".
You can make your personal accounts more secure by changing your online passwords and enabling multi-factor authentification.
Never disclose any personal or financial information unless you know the sender and are sure the request is legitimate.
And avoid clicking on any links or attachments you're unsure of.
Regularly check your banking transactions and monitor your credit score for any unusual or incorrect debts.
If I'm a victim of identity theft, how should I respond?
Security expert Maxime Cousseau said victims can do the following:
- Report the matter to your local police. Ask for a police report or reference number so you have evidence that you reported the issue.
- Alert your bank or financial institution.
- Contact IDCARE (on 1800 595 160) to limit the damage of identity theft.
- Report the matter to the ACCC's Scamwatch.
- Consider whether you need a Victim's Certificate.
Compare health insurance on Finder if you're looking to switch providers.