Health insurance firm Medibank reports cyber attack

Medibank, a health insurance firm in Australia, said it detected unusual activity on its network as a result of a possible cyber attack. Medibank said it will isolate and remove access to some customer-facing systems as.
MedibankMedibank took immediate steps to contain the cyber incident, and engaged specialized cybersecurity firms. Medibank reveals that there was no evidence that any sensitive data, including customer data, had been accessed at this stage.

Medibank does not reveal its IT budget and cyber security partners.

In 2022, Medibank has appointed Alex Loizou as its chief information security officer (CISO). Alex Loizou is responsible for Medibank’s security strategy and oversee security operations, business engagement and the company’s security uplift. He leads the team responsible for security controls and capabilities.

Late last month, Optus, Australia’s second-largest telecoms provider, faced a cyber attack compromising data of up to 10 million customers.

Medibank said on Thursday the isolation of several customer-facing systems would reduce the likelihood of damage to systems or data loss.

“As a result our AHM (Australian Health Management) and international student policy management systems have been taken offline. We expect these systems to be offline for most of the day,” Medibank said in a news statement.

Medibank said its health services continue to be available to its customers, which includes their ability to access their health providers.

Medibank CEO David Koczkar said: “I apologize and acknowledge that in the current environment this news may make people concerned. Our highest priority is resolving this matter as transparently and quickly as possible. We will continue to take decisive action to protect Medibank Group customers and our people.”