Oct. 20 (UPI) -- Hackers have breached the cloud-based data network of one of Australia's largest health insurers, potentially exposing the personal information of millions of patients throughout the country.
Medibank issued a statement Thursday revealing cybercriminals had circumvented its security controls and absconded with 200 gigabytes of customer data that may include credit card numbers, home addresses, Medicare account numbers, and the private details of diagnoses and medical procedures.
Clare O'Neil, the official in charge of cybersecurity for the Australian government, has provided several updates on social media about the federal investigation, which she described as a "quickly changing situation."
Government investigators are heading up a criminal probe with the help of cybersecurity experts from the Australian Signals Directorate, but so far authorities have not announced any suspects nor arrests.
Related
- Ransomware hackers release data from Los Angeles school district
- Survey finds cyberattacks on healthcare facilities increase patient mortality
- State Department offers $10 million reward for ransomware hackers
- Pacemakers, insulin pumps can be hacked, experts say
- FBI: Americans lost $7B in 2021 to Internet crime
- Russian cyberattacks could threaten U.S. healthcare system, experts warn
Meanwhile, Medibank issued a formal apology to customers, saying it learned about the breach after an anonymous perpetrator called the company in recent days to "negotiate" a ransom.
The voice over the phone claimed the heist of 200 GB of data, and the person later provided a sample of 100 policies to prove it.
The health insurer confirmed the legitimacy of the policy information held by the culprit, adding that the company was personally reaching out to clients because the hacker threatened to harass the company's "most prominent customers."
The insurer could not immediately verify the overall number of customers affected by the breach, nor whether personal data had been fully compromised.
"The criminal claims to have stolen other information, including data related to credit card security, which has not yet been verified," the insurer said.
The company touts nearly 4 million customers nationwide, but only 1 million have their critical information stored in the database that was hacked this week.
In an email to customers late Wednesday, the insurer said its systems were functioning but to expect some technical delays as the company works "to safeguard our networks."
Preliminary analysis indicated the stolen data likely came from a database of insurance products for international students, which was briefly taken offline last week when Medibank technicians discovered "unusual activity consistent with the precursors to a ransomware event."
"We will learn from this incident and will share our learnings with others," Medibank CEO David Koczkar said, according to the Guardian.
