Get all your news in one place.
100’s of premium titles.
One app.
Start reading
ABC News
ABC News
Health

Health insurer Medibank Private halts trading after receiving message from company claiming to be behind cyber attack

Health insurer Medibank Private has confirmed it has received messages from a group wishing to negotiate with the company regarding their alleged removal of customer data.

The update comes less than a week after the company was hit by a cyber attack

Medibank says it is working urgently to establish if the claim is true, but is treating the matter seriously.

As a result of this, the health insurer has halted trading on the share market until further notice.

Medibank CEO David Koczkar has apologised to customers and said he understood the latest update was distressing. 

"We have always said that we will prioritise responding to this matter as transparently as possible," Mr Koczkar said. 

"Our team has been working around the clock since we first discovered the unusual activity on our systems, and we will not stop doing that now.

"We will continue to take decisive action to protect Medibank customers, our people and other stakeholders."

Cyber Security Minister Clare O'Neil said she had spoken to Mr Koczkar, and the Department of Home Affairs was working with all relevant government agencies to respond to the incident.

"Significant support has been provided by the Australian Signals Directorate's Australian Cyber Security Centre, and the Department of Home Affairs," she said.

"The incident is another reminder for Australian governments, businesses and citizens to be vigilant about their cyber safety."

'Unusual activity' detected

Medibank first reported "unusual activity" had been detected on its network on October 12.

However, the company said there was no evidence sensitive data, including customer information, had been accessed.

The nature of the business means Medibank holds a range of personal information regarding its customers. 

In a statement, the company said its systems had not been encrypted by ransomware, which meant usual activities for customers could continue.

"Our ongoing response to safeguard our networks and systems may cause necessary temporary disruptions to our services," the statement said. 

"Investigations are ongoing and Medibank will continue to provide regular updates."

Medibank Private is working with specialised cybersecurity firms and has advised the Australian Cyber Security Centre.

It is the latest major cyber attack to hit a large Australian company and follows the Optus breach last month, which affected millions of customers.

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.