![]() In a call with investors on Wednesday, Medibank’s head of technology and operations, John Goodall, said that the company had deployed monitoring tools on its network and those tools suggest that the hacker is no longer in the company’s systems. Medibank is in communication with the hacker – who obtained stolen Medibank credentials from another hacker on a Russian cybercriminal forum – but the company has declined to say whether it would pay any ransom demands made. This is due to Medibank not having cyber-attack insurance, and this estimated cost does not include customer compensation or regulatory or legal costs that may be brought against the company. The hack is likely to cost the company a minimum between $25m and $35m, Medibank said. The breach will also affect former customers, with Medibank confirming yesterday that state and territory health record laws require the company to keep data for seven years.Ĭustomers will be provided a hardship financial support package if they are in a “uniquely vulnerable position” as a result of the hack, and Medibank says it will reimburse customers for costs associated with the reissuing of ID documents for those that were compromised in the hack. Sign up for our free morning newsletter and afternoon email to get your daily news roundup It is through this communication with the hacker that Medibank has been able to determine the extent of the breach so far. ![]() Medibank still cannot say definitively how many or which customers are affected beyond the 1,000 records provided to the insurer by the hacker in the past two weeks. The health information includes the claim codes made by customers. The personal information includes name, address, date of birth, some Medicare card numbers and gender.
0 Comments
Leave a Reply. |