5 things to know about the Medibank data breach

The biggest health insurer in Australia has seen better days…

Image by Juan Cruz Godoy from Pixabay

Medibank, the biggest health insurance company in Australia, has been the victim of a significant data breach in the past few weeks.

Here are five key points:

• Medibank discovered odd behavior on its networks on October 13. The impacted systems were deactivated.
• Such activity turned out to be a cyberattack. It led to the theft of personal information from 9.7 million Australian consumers.
• Cybercriminals claimed to have stolen 200 gigabytes of client data, which Medibank believed might contain personal information such as medical procedures and diagnoses, addresses, Medicare numbers, and perhaps credit card information.
• According to cybersecurity experts, the attackers are most likely related to REvil, a Russian ransomware organization. Australian Federal Police Commissioner Reece Kershaw informed reporters during a brief news conference that investigators had identified the persons involved for the attack (yet declined to name them). This has caused tensions with the Russian government.
• The deadline for paying a ransom was November 8 around midnight. With no funds received, the criminals leaked a first batch of data on November 9. This included Medibank employees’ personal information, passport numbers, medical diagnoses of psychiatric illnesses and substance addiction. On November 10, they published another 300 documents including personally identifying information of account holders who had abortions.

Health data breaches are nothing new but this one is particularly noteworthy due to its reach (and the criminals’ willingness to cause reputational damage).

This story was first published on The PhilaVerse (my Substack newsletter).