{"id":20497,"date":"2022-10-27T16:11:51","date_gmt":"2022-10-28T00:11:51","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2022\/10\/27\/news-14230\/"},"modified":"2022-10-27T16:11:51","modified_gmt":"2022-10-28T00:11:51","slug":"news-14230","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2022\/10\/27\/news-14230\/","title":{"rendered":"Medibank customers&#8217; personal data compromised by cyber attack"},"content":{"rendered":"<p>Australian health care insurance company Medibank <a href=\"https:\/\/www.medibank.com.au\/health-insurance\/info\/cyber-security\/\" target=\"_blank\">confirmed<\/a> that the threat actor behind&nbsp;a&nbsp;cyberattack on the company had access to the data of at least 4 million customers.<\/p>\n<p>Although Medibank at first said&nbsp;that there was &ldquo;no evidence that customer data has been accessed,&rdquo; a week later their investigation shows that the threat actor had access to all Medibank customers&rsquo; personal data and significant amounts of health claims data.<\/p>\n<h2>Stolen data<\/h2>\n<p>The cybercrime investigation shows that the criminal had access to:<\/p>\n<ul>\n<li>All <a href=\"https:\/\/ahm.com.au\/about\" target=\"_blank\">ahm<\/a> customers&rsquo; personal data and significant amounts of health claims data<\/li>\n<li>All international student customers&rsquo; personal data and significant amounts of health claims data<\/li>\n<li>All Medibank customers&rsquo; personal data and significant amounts of health claims data<\/li>\n<\/ul>\n<p>This does not necessarily mean that all these data have been stolen, but Medibank has been contacted by the threat actor claiming to have stolen 200GB of data. They provided a sample of records for 100 policy records which are believed to come from the ahm and international student systems.<\/p>\n<p>The provided data sample includes first names and surnames, addresses, dates of birth, Medicare numbers, policy numbers, phone numbers and some claims data. It also includes the location of where a customer received medical services, and codes relating to their diagnosis and procedures.<\/p>\n<p>The claim&nbsp;that the attackers have stolen other information, including data related to credit card security, has not yet been verified.<\/p>\n<h2>Not just current customers<\/h2>\n<p>Medibank has promised it will commence making direct contact with the affected customers to inform them of this latest development, and to provide support and guidance on what to do next. There may be some surprises, because not all affected people are current customers. Australian law required Medibank to hold onto past customers&#8217; data, which was why former clients could be caught out by this breach. Relevant laws in the country require the company to keep the health information of adults for at least seven years and for individuals younger than 18 until that individual is at least 25 years old.<\/p>\n<h2>What to do?<\/h2>\n<p>Medibank and ahm customers can contact Medibank by phone (for ahm customers 13 42 46 and for Medibank customers 13 23 31) or visit <a href=\"https:\/\/www.medibank.com.au\/livebetter\/newsroom\/post\/medibank-cyber-incident-response\">the\u202finformation page<\/a>\u202fon the website for any updates.<\/p>\n<p>Until the investigation has verified the full extent of the stolen data, it is hard to establish whether your data have been stolen. So far it has been confirmed international students have been affected. Of which there are many, since private health insurance is a requirement when they start a study in Australia.<\/p>\n<p>Medibank provides comprehensive support package for customers who have had their data stolen which includes:<\/p>\n<ul>\n<li>Financial support for customers who are in a uniquely vulnerable position as a result of this crime. They will be supported on an individual basis.<\/li>\n<li>Free identity monitoring services for customers who have had their primary ID compromised<\/li>\n<li>Reimbursement of fees for re-issue of identity documents that have been fully compromised in this crime<\/li>\n<\/ul>\n<p>And they are offering all customers access to:<\/p>\n<ul>\n<li>Specialist identity protection advice and resources from <a href=\"https:\/\/www.idcare.org\/medibank-breach-response\" target=\"_blank\">IDCARE<\/a><\/li>\n<li>Medibank&#8217;s mental health and wellbeing <a href=\"https:\/\/www.medibank.com.au\/health-support\/health-services\/mental-health\/\" target=\"_blank\">support line<\/a><\/li>\n<\/ul>\n<p>This and any new information can be found on Medibank&rsquo;s <a href=\"https:\/\/www.medibank.com.au\/health-insurance\/info\/cyber-security\/\" target=\"_blank\">webpage about the cybersecurity incident<\/a>.<\/p>\n<p>As always, when personal data have been stolen it is advisable to deploy some extra vigilance when it comes to phishing attempts that could very well use some of the stolen information to gain credibility.<\/p>\n<p><a href=\"https:\/\/www.malwarebytes.com\/blog\/news\/2022\/10\/medibank-customers-personal-data-compromised-by-cyber-attack\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<table cellpadding='10'>\n<tr>\n<td valign='top' align='left'>\n<p>Categories: <a href='https:\/\/www.malwarebytes.com\/blog\/category\/news' rel='category tag'>News<\/a><\/p>\n<p>Tags: Medibank<\/p>\n<p>Tags:  data breach<\/p>\n<p>Australian health care insurance company Medibank confirmed that the threat actor behind the cyberattack on the company had access to the data of at least 4 million customers<\/p>\n<table width='100%'>\n<tr>\n<td align=right>\n<p><b>(<a href='https:\/\/www.malwarebytes.com\/blog\/news\/2022\/10\/medibank-customers-personal-data-compromised-by-cyber-attack' title='Medibank customers' personal data compromised by cyber attack'>Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel='nofollow' href='https:\/\/www.malwarebytes.com\/blog\/news\/2022\/10\/medibank-customers-personal-data-compromised-by-cyber-attack'>Medibank customers&#8217; personal data compromised by cyber attack<\/a> appeared first on <a rel='nofollow' href='https:\/\/www.malwarebytes.com'>Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[11172,27865,32],"class_list":["post-20497","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-data-breach","tag-medibank","tag-news"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/20497","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=20497"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/20497\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=20497"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=20497"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=20497"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}